Original Article Text

Microsoft and CrowdStrike partner to link hacking group names

Microsoft and CrowdStrike announced today that they've partnered to connect the aliases used for specific threat groups without actually using a single naming standard. As the two companies explained on Monday, this will be done by mapping (or linking) the different names their security analysts use for each group they track.

Microsoft has updated its threat actor reference guide with a list of common hacking groups tracked by CrowdStrike and Redmond, all mapped using each company's naming systems.

"This reference guide serves as a starting point, a way to translate across naming systems so defenders can work faster and more efficiently, especially in environments where insights from multiple vendors are in play," said Vasu Jakkal, Corporate Vice President for Microsoft Security. "This effort is not about creating a single naming standard. Rather, it's meant to help our customers and the broader security community align intelligence more easily, respond faster, and stay ahead of threat actors."

This naming taxonomy mapping effort is the initial step towards making tracking overlapping threat actor activity easier and avoiding unnecessary confusion and complexity.

As Microsoft also revealed today, Google/Mandiant and Palo Alto Networks' Unit 42 will also be contributing their own information to make attribution faster and clearer, with other cybersecurity companies likely to join this initiative in the future.

After more security firms join this alliance and start sharing their telemetry data, this initiative will bring clarity and make it simpler for network defenders to translate naming systems and build a far more accurate view of malicious campaigns.

"CrowdStrike and Microsoft are proud to take the first step, but we know this must be a community-led initiative to succeed," added Adam Meyers, Senior Vice President for Intelligence at CrowdStrike. "Together, the companies have already deconflicted more than 80 threat actors through direct, analyst-led collaboration. These represent some of the most active and sophisticated adversaries in the world."

Daily Brief Summary

MISCELLANEOUS // Microsoft and CrowdStrike Partner to Standardize Threat Group Names

Microsoft and CrowdStrike have formed a partnership to synchronize the aliases used for identifying specific hacking groups through their security platforms.

The initiative involves creating a reference guide that maps out common names for hacking groups as used by both companies, which will allow for streamlined sharing and understanding of threat data.

This collaboration does not aim to create a universal naming standard, but rather facilitates better communication and rapid response by allowing security teams to translate terminology across different systems.

The partnership has already addressed the naming conventions for over 80 significant and active threat actors through direct, analyst-led efforts.

Additional cybersecurity firms, including Google/Mandiant and Palo Alto Networks' Unit 42, are contributing to this initiative, with the potential for more companies to join.

The ultimate goal of this initiative is to offer clearer attribution and improve network defenders' ability to track and counteract malicious activity efficiently, reducing confusion when tracking overlapping threat actors.

According to leaders from both Microsoft and CrowdStrike, the success of this mapping project depends on it becoming a broad, community-led effort.