- Source: https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-responders-on-nation-state-attack/
- Source: https://msrc.microsoft.com/blog/2024/03/update-on-microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/
- Source: https://blog.cloudflare.com/thanksgiving-2023-security-incident
- Source: https://blog.cloudflare.com/how-cloudflare-mitigated-yet-another-okta-compromise
- Source: https://sec.okta.com/harfiles
- Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a
- Source: https://www.mandiant.com/resources/blog/session-hijacking-citrix-cve-2023-4966
- Source: https://www.documentcloud.org/documents/24075435-bhi-notice
- Source: https://www.bleepingcomputer.com/news/security/us-energy-firm-shares-how-akira-ransomware-hacked-its-systems/
- Source: https://blog.bushidotoken.net/2023/09/tracking-adversaries-akira-another.html
- Source: https://www.cyber.gc.ca/en/alerts-advisories/alphvblackcat-ransomware-targeting-canadian-industries
- Source: https://www.crowdstrike.com/blog/analysis-of-intrusion-campaign-targeting-telecom-and-bpo-companies/
- Source: https://blog.bushidotoken.net/2023/08/tracking-adversaries-scattered-spider.html
Intelligence 5: UNC4736, a North Korea-linked adversary, performs double software supply chain attack
- Source: https://www.3cx.com/blog/news/desktopapp-security-alert/
- Source: https://www.3cx.com/blog/news/mandiant-security-update2/
- Source: https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise