Discover and read the best of Twitter Threads about #STRONTIUM

Most recents (2)

Added #STRONTIUM election-related credential harvesting campaign "detection" to #AzureSentinel: github.com/Azure/Azure-Se…

Yes - it's hardcoded for netblocks released in the #MSTIC report (microsoft.com/security/blog/…)
This is just extra coverage on top of existing cred harvesting logic
That said, the logic posted there finds some high fidelity #STRONTIUM campaigns from at least June through... recently (more details in above blog).

You'll see a User-Agent, first/last attempt, # of total attempts, # of unique IPs & unique accounts attempted + a list of accounts
As shipped, it's looking over the past 30 days. But if you have #AzureSentinel, I recommend pasting that same KQL in & searchings logs w/ expanded timeframe.
The # authAttempts can stay where it's at ... #STRONTIUM activity is approx 100 attempts per IP per account
Read 4 tweets
Developing" #Russia #Chia #Iran hackers targeting @realDonaldTrump @JoeBiden presidential campaigns

"foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated" per @Microsoft's @TomBurt45

blogs.microsoft.com/on-the-issues/…
#Russia's #Strontium (also known as #FancyBear or #APT28) "has attacked more than 200 organizations including political campaigns, advocacy groups, parties and political consultants" per @TomBurt45
#China's #Zirconium "has attacked high-profile individuals associated with the election, including people associated with the Joe Biden for President campaign and prominent leaders in the international affairs community" per @Microsoft 's @TomBurt45
Read 5 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!