blocklists-microsoft.txt

## hosts-blocklists
## domains-ips-hashes

## blocklists-microsoft
## https://www.microsoft.com/en-us/security/blog/topic/threat-intelligence/?sort-by=newest-oldest&date=any


# https://www.microsoft.com/en-us/security/blog/2024/05/28/moonstone-sleet-emerges-as-new-north-korean-threat-actor-with-new-bag-of-tricks/

bestonlinefilmstudio.org
blockchain-newtech.com
ccwaterfall.com
chaingrown.com
defitankzone.com
detankwar.com
freenet-zhilly.org
matrixane.com
mingeloem.com
pointdnt.com
starglowventures.com

09d152aa2b6261e3b0a1d1c19fa8032f215932186829cfcca954cc5e84a6cc38
39d7407e76080ec5d838c8ebca5182f3ac4a5f416ff7bda9cbc4efffd78b4ff5
70c5b64589277ace59db86d19d846a9236214b48aacabbaf880f2b6355ab5260
9863173e0a45318f776e36b1a8529380362af8f3e73a2b4875e30d31ad7bd3c1
56554117d96d12bd3504ebef2a8f28e790dd1fe583c33ad58ccbf614313ead8c
cafaa7bc3277711509dc0800ed53b82f645e86c195e85fbf34430bbc75c39c24
cb97ec024c04150ad419d1af2d1eb66b5c48ab5f345409d9d791db574981a3fb
ecce739b556f26de07adbfc660a958ba2dca432f70a8c4dd01466141a6551146
f66122a3e1eaa7dcb7c13838037573dace4e5a1c474a23006417274c0c8608be
f59035192098e44b86c4648a0de4078edbe80352260276f4755d15d354f5fc58

# https://www.microsoft.com/en-us/security/blog/2024/05/15/threat-actors-misusing-quick-assist-in-social-engineering-attacks-leading-to-ransomware/

greekpool.com
instance-olqdnn-relay.screenconnect.com
realsepnews.com
upd5.pro
upd7.com
upd7a.com
upd9.com
zziveastnews.com

0f9156f91c387e7781603ed716dcdc3f5342ece96e155115708b1662b0f9b4d0
1ad05a4a849d7ed09e2efb38f5424523651baf3326b5f95e05f6726f564ccc30
1cb1864314262e71de1565e198193877ef83e98823a7da81eb3d59894b5a4cfb
71d50b74f81d27feefbc2bc0f631b0ed7fcdf88b1abbd6d104e66638993786f8
93058bd5fe5f046e298e1d3655274ae4c08f07a8b6876e61629ae4a0b510a2f7

# https://www.microsoft.com/en-us/security/blog/2024/04/22/analyzing-forest-blizzards-custom-post-compromise-tool-for-exploiting-cve-2022-38028-to-obtain-credentials/

6b311c0a977d21e772ac4e99762234da852bbf84293386fbe78622a96c0b052f
7d51e5cc51c43da5deae5fbc2dce9b85c0656c465bb25ab6bd063a503c1806a9
41a9784f8787ed86f1e5d20f9895059dac7a030d8d6e426b9ddcaf547c3393aa
c60ead92cd376b689d1b4450f2578b36ea0bf64f3963cfa5546279fa4424c2a5

# https://www.microsoft.com/en-us/security/blog/2024/04/17/attackers-exploiting-new-critical-openmetadata-vulnerabilities-on-kubernetes-clusters/

oast.me
oast.pro

8.130.115.208
8.222.144.60
61.160.194.160

7c6f0bae1e588821bd5d66cd98f52b7005e054279748c2c851647097fa2ae2df
19a63bd5d18f955c0de550f072534aa7a6a6cc6b78a24fea4cc6ce23011ea01d
31cd1651752eae014c7ceaaf107f0bf8323b682ff5b24c683a683fdac7525bad