Jeremy Dallman
@jdallman
Microsoft Threat Intelligence. Mostly promoting work stuff & smart security people. Obsessed with good coffee & scotch. Opinions my own.
Upper Left, USA
Joined February 2010
RT @RavivTamir: Threat Analytics reports now expand into our new exposure management initiatives to help address risk faster https://t.co/…
RT @msftsecurity: We’re putting security above all else at Microsoft by expanding the Secure Future Initiative—our commitment to delivering…
It's "go time"! I started at Microsoft 3 months after the TWC memo. Today's SFI mails carry the same energy, urgency, & top-down mandate. This time I get to lead a team of security experts delivering TI + protections to customers, industry partners, and the world. LET'S GO!
We’re putting security above all else at Microsoft by expanding the Secure Future Initiative—our commitment to delivering solutions that meet the highest possible security standards. Learn more: #SecureByDesign #CloudSecurity
RT @msftsecurity: Strengthen your security posture: proactively discover, assess, and prioritize risk with Microsoft Security Exposure Mana…
RT @msftsecurity: SecOps teams are using Microsoft Copilot for Security and Microsoft Defender XDR to defend against human-operated ransomw…
Forest Blizzard commonly employs other known public exploits in their attacks. They are a well-resourced and well-trained group that is continually refining their footprint by employing new custom techniques, public vulnerabilities, and malware.
On January 20, 2024, the US government conducted a disruption operation against infrastructure used by a threat actor we track as Forest Blizzard (STRONTIUM), a Russian state-sponsored threat actor, as detailed here:
RT @MsftSecIntel: Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identif…
RT @MsftSecIntel: The latest biannual report on Iran from the Microsoft Threat Analysis Center (MTAC) presents details on the series of cyb…
RT @ItsReallyNick: When it comes to threat intel the best way to cluster ransomware threat actors is physically together in a jail cell
RT @MalwareRE: MSTIC is looking for Senior Security Researchers (Malware Reverse Engineers) in the US and Australia to join our MSTIC-RE te…
RT @MsftSecIntel: Listen to Microsoft Threat Intelligence analysts @Greg_Schloemer & @_matt_kennedy discuss with @sherrod_im what makes the…
RT @MsftSecIntel: We’re inviting members of the infosec community to join the fourth InfoSec Jupyterthon event to meet and engage with secu…
In response to these actor activities, the ms-appinstaller URI scheme handler has been disabled by default in App Installer build 1.21.3421.0. Microsoft Security Response Blog has also published additional guidance.
Microsoft has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, & Storm-1674, misusing the ms-appinstaller URI scheme (App Installer) to distribute malware. Get TTPs and protection info:
RT @MsftSecIntel: Microsoft has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest…
RT @simandsec: Earlier this year we saw them password spraying and doing nifty cloud stuff. Now they are using some unique malware 👀
RT @MsftSecIntel: Microsoft has observed the Iranian nation-state actor Peach Sandstorm attempting to deliver a newly developed backdoor na…