2019-02-20 | Washington Post | Elizabeth Dwoskin, Craig Timberg
% Washington Post news report, published 2019-02-20 and retrieved 2019-11-29.
% The stored URL still carries the utm_term query parameter it was captured with.
@online{dwoskin:20190220:microsoft:9d4cb73,
  author       = {Dwoskin, Elizabeth and Timberg, Craig},
  title        = {{Microsoft says it has found another Russian operation targeting prominent think tanks}},
  date         = {2019-02-20},
  organization = {Washington Post},
  url          = {https://www.washingtonpost.com/technology/2019/02/20/microsoft-says-it-has-found-another-russian-operation-targeting-prominent-think-tanks/?utm_term=.870ff11468ae},
  language     = {English},
  urldate      = {2019-11-29},
}
Microsoft says it has found another Russian operation targeting prominent think tanks
Sofacy
2019-01-21 | Microsoft Security Intelligence | Microsoft
% Microsoft Security Intelligence malware-encyclopedia page for the detection
% name given in the title; retrieved 2020-05-18.
% The author is an organisation, so the name is braced as a single unit.
@online{microsoft:20190121:hacktoolwin32remoteadmin:b0c34fd,
  author       = {{Microsoft}},
  title        = {{HackTool:Win32/RemoteAdmin}},
  date         = {2019-01-21},
  organization = {Microsoft Security Intelligence},
  url          = {https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=hacktool:win32/remoteadmin&ThreatID=2147731874},
  language     = {English},
  urldate      = {2020-05-18},
}
HackTool:Win32/RemoteAdmin
RemoteAdmin
2018-12-03 | Microsoft | Microsoft Defender ATP Research Team
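% Microsoft blog analysis published 2018-12-03; retrieved 2020-01-09.
% Corporate author: the inner braces keep the team name as one unit. Unbraced,
% it is parsed as a personal name with surname "Team" (the key's "team:" prefix
% looks derived from that split). The citation key is left unchanged so
% existing citations still resolve.
@online{team:20181203:analysis:828df29,
  author       = {{Microsoft Defender ATP Research Team}},
  title        = {{Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers}},
  date         = {2018-12-03},
  organization = {Microsoft},
  url          = {https://cloudblogs.microsoft.com/microsoftsecure/2018/12/03/analysis-of-cyberattack-on-u-s-think-tanks-non-profits-public-sector-by-unidentified-attackers/},
  language     = {English},
  urldate      = {2020-01-09},
}
Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers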
APT 29
2018-08-21 | BBC | BBC News
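% BBC news report published 2018-08-21; retrieved 2019-10-30.
% Corporate author: braced as one unit so "BBC News" is not split into a given
% name "BBC" and a surname "News". The citation key is left unchanged so
% existing citations still resolve.
@online{news:20180821:microsoft:f0674db,
  author       = {{BBC News}},
  title        = {{Microsoft claims win over 'Russian political hackers'}},
  date         = {2018-08-21},
  organization = {BBC},
  url          = {https://www.bbc.co.uk/news/technology-45257081},
  language     = {English},
  urldate      = {2019-10-30},
}
Microsoft claims win over 'Russian political hackers'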
Sofacy
2018-08-21 | Bleeping Computer | Catalin Cimpanu
% Bleeping Computer news article published 2018-08-21; retrieved 2019-12-20.
@online{cimpanu:20180821:microsoft:bc5c2f0,
  author       = {Cimpanu, Catalin},
  title        = {{Microsoft Disrupts APT28 Hacking Campaign Aimed at US Midterm Elections}},
  date         = {2018-08-21},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/microsoft-disrupts-apt28-hacking-campaign-aimed-at-us-midterm-elections/},
  language     = {English},
  urldate      = {2019-12-20},
}
Microsoft Disrupts APT28 Hacking Campaign Aimed at US Midterm Elections
Sofacy
2018-08-20 | Microsoft | Brad Smith
% Microsoft "On the Issues" blog post published 2018-08-20; retrieved 2020-01-06.
@online{smith:20180820:we:2a387d2,
  author       = {Smith, Brad},
  title        = {{We are taking new steps against broadening threats to democracy}},
  date         = {2018-08-20},
  organization = {Microsoft},
  url          = {https://blogs.microsoft.com/on-the-issues/2018/08/20/we-are-taking-new-steps-against-broadening-threats-to-democracy/},
  language     = {English},
  urldate      = {2020-01-06},
}
We are taking new steps against broadening threats to democracy
Sofacy
2018-07-26 | FireEye | Swapnil Patil
% FireEye threat-research blog post published 2018-07-26; retrieved 2019-12-20.
@online{patil:20180726:microsoft:f03d7c7,
  author       = {Patil, Swapnil},
  title        = {{Microsoft Office Vulnerabilities Used to Distribute FELIXROOT Backdoor in Recent Campaign}},
  date         = {2018-07-26},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2018/07/microsoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html},
  language     = {English},
  urldate      = {2019-12-20},
}
Microsoft Office Vulnerabilities Used to Distribute FELIXROOT Backdoor in Recent Campaign
Felixroot
2018-07-11 | Microsoft | Office 365 Threat Research
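% Microsoft blog campaign analysis published 2018-07-11; retrieved 2019-11-27.
% Corporate author: braced as one unit so the name is not split into given
% names and a surname "Research" (the key's "research:" prefix looks derived
% from that split). The citation key is left unchanged so existing citations
% still resolve.
@online{research:20180711:hawkeye:c74affb,
  author       = {{Office 365 Threat Research}},
  title        = {{Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis}},
  date         = {2018-07-11},
  organization = {Microsoft},
  url          = {https://cloudblogs.microsoft.com/microsoftsecure/2018/07/11/hawkeye-keylogger-reborn-v8-an-in-depth-campaign-analysis/},
  language     = {English},
  urldate      = {2019-11-27},
}
Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis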
HawkEye Keylogger
2018-04-16 | Spamhaus | Spamhaus Malware Labs
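% Spamhaus news article published 2018-04-16; retrieved 2020-01-08.
% Corporate author: braced as one unit so the name is not split into given
% names and a surname "Labs". The citation key is left unchanged so existing
% citations still resolve.
@online{labs:20180416:smoke:b91b833,
  author       = {{Spamhaus Malware Labs}},
  title        = {{Smoke Loader malware improves after Microsoft spoils its Campaign}},
  date         = {2018-04-16},
  organization = {Spamhaus},
  url          = {https://www.spamhaus.org/news/article/774/smoke-loader-improves-encryption-after-microsoft-spoils-its-campaign},
  language     = {English},
  urldate      = {2020-01-08},
}
Smoke Loader malware improves after Microsoft spoils its Campaign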
SmokeLoader
2018-04-04 | Microsoft | Microsoft Defender ATP Research Team
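% Microsoft blog post published 2018-04-04; retrieved 2020-01-08.
% Corporate author: braced as one unit so the name is not split into given
% names and a surname "Team". The citation key is left unchanged so existing
% citations still resolve.
@online{team:20180404:hunting:fe0f809,
  author       = {{Microsoft Defender ATP Research Team}},
  title        = {{Hunting down Dofoil with Windows Defender ATP}},
  date         = {2018-04-04},
  organization = {Microsoft},
  url          = {https://cloudblogs.microsoft.com/microsoftsecure/2018/04/04/hunting-down-dofoil-with-windows-defender-atp/},
  language     = {English},
  urldate      = {2020-01-08},
}
Hunting down Dofoil with Windows Defender ATP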
SmokeLoader
2018-03-01 | Microsoft | Office 365 Threat Research Team, Microsoft Defender ATP Research Team
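% Microsoft blog post published 2018-03-01; retrieved 2020-01-08.
% Two corporate authors: each is braced as its own unit and the separating
% "and" stays outside the inner braces, so neither team name is split into
% given names and a surname "Team". The citation key is left unchanged so
% existing citations still resolve.
@online{team:20180301:finfisher:e1de78f,
  author       = {{Office 365 Threat Research Team} and {Microsoft Defender ATP Research Team}},
  title        = {{FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines}},
  date         = {2018-03-01},
  organization = {Microsoft},
  url          = {https://cloudblogs.microsoft.com/microsoftsecure/2018/03/01/finfisher-exposed-a-researchers-tale-of-defeating-traps-tricks-and-complex-virtual-machines/},
  language     = {English},
  urldate      = {2020-01-08},
}
FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines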
FinFisher RAT
2018-01-17 | FireEye | Swapnil Patil, Yogesh Londhe
% FireEye threat-research blog post published 2018-01-17; retrieved 2019-12-20.
@online{patil:20180117:microsoft:f1f50e0,
  author       = {Patil, Swapnil and Londhe, Yogesh},
  title        = {{Microsoft Office Vulnerabilities Used to Distribute Zyklon Malware in Recent Campaign}},
  date         = {2018-01-17},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2018/01/microsoft-office-vulnerabilities-used-to-distribute-zyklon-malware.html},
  language     = {English},
  urldate      = {2019-12-20},
}
Microsoft Office Vulnerabilities Used to Distribute Zyklon Malware in Recent Campaign
Zyklon
2017-12-04 | Microsoft | Microsoft Defender ATP Research Team, Microsoft Digital Crimes Unit
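% Microsoft blog post published 2017-12-04; retrieved 2020-01-13.
% Two corporate authors: each is braced as its own unit and the separating
% "and" stays outside the inner braces, so neither name is split into given
% names and a one-word surname. The citation key is left unchanged so existing
% citations still resolve.
@online{team:20171204:microsoft:0cab56d,
  author       = {{Microsoft Defender ATP Research Team} and {Microsoft Digital Crimes Unit}},
  title        = {{Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)}},
  date         = {2017-12-04},
  organization = {Microsoft},
  url          = {https://blogs.technet.microsoft.com/mmpc/2017/12/04/microsoft-teams-up-with-law-enforcement-and-other-partners-to-disrupt-gamarue-andromeda/},
  language     = {English},
  urldate      = {2020-01-13},
}
Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)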
Andromeda
2017-11-06 | Microsoft | Microsoft Defender ATP Research Team
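% Microsoft blog post published 2017-11-06; retrieved 2019-12-18.
% Same title, date and author as team:20171106:mitigating:b623a70; this record
% points at the cloudblogs.microsoft.com address and keeps its source=mmpc
% query parameter.
% Corporate author: braced as one unit so the name is not split into given
% names and a surname "Team". The citation key is left unchanged so existing
% citations still resolve.
@online{team:20171106:mitigating:f52d1d9,
  author       = {{Microsoft Defender ATP Research Team}},
  title        = {{Mitigating and eliminating info-stealing Qakbot and Emotet in corporate networks}},
  date         = {2017-11-06},
  organization = {Microsoft},
  url          = {https://cloudblogs.microsoft.com/microsoftsecure/2017/11/06/mitigating-and-eliminating-info-stealing-qakbot-and-emotet-in-corporate-networks/?source=mmpc},
  language     = {English},
  urldate      = {2019-12-18},
}
Mitigating and eliminating info-stealing Qakbot and Emotet in corporate networks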
Emotet
2017-11-06 | Microsoft | Microsoft Defender ATP Research Team
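% Microsoft blog post published 2017-11-06; retrieved 2020-10-23.
% Same title, date and author as team:20171106:mitigating:f52d1d9; this record
% points at the www.microsoft.com/security/blog address.
% Corporate author: braced as one unit so the name is not split into given
% names and a surname "Team". The citation key is left unchanged so existing
% citations still resolve.
@online{team:20171106:mitigating:b623a70,
  author       = {{Microsoft Defender ATP Research Team}},
  title        = {{Mitigating and eliminating info-stealing Qakbot and Emotet in corporate networks}},
  date         = {2017-11-06},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2017/11/06/mitigating-and-eliminating-info-stealing-qakbot-and-emotet-in-corporate-networks/},
  language     = {English},
  urldate      = {2020-10-23},
}
Mitigating and eliminating info-stealing Qakbot and Emotet in corporate networks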
Emotet QakBot
2017-09-15 | Microsoft | Microsoft
% Microsoft malware-encyclopedia page for the detection name given in the
% title; retrieved 2020-01-08.
% The author is an organisation, so the name is braced as a single unit.
@online{microsoft:20170915:trojanspywin32usteal:a2a860e,
  author       = {{Microsoft}},
  title        = {{TrojanSpy:Win32/Usteal}},
  date         = {2017-09-15},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanSpy:Win32/Usteal},
  language     = {English},
  urldate      = {2020-01-08},
}
TrojanSpy:Win32/Usteal
UFR Stealer
2017-09-15 | Microsoft | Microsoft
% Microsoft malware-encyclopedia page for the detection name given in the
% title; retrieved 2019-11-24.
% The URL's percent-encoded query value is kept exactly as stored.
% The author is an organisation, so the name is braced as a single unit.
@online{microsoft:20170915:trojanwin32spyeye:c1c6062,
  author       = {{Microsoft}},
  title        = {{Trojan:Win32/Spyeye}},
  date         = {2017-09-15},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan%3AWin32%2FSpyeye},
  language     = {English},
  urldate      = {2019-11-24},
}
Trojan:Win32/Spyeye
SpyEye
2017-09-15 | Microsoft Security Intelligence | Jireh Sanico
% Microsoft Security Intelligence malware-encyclopedia page for the detection
% name given in the title; retrieved 2019-10-26.
% The URL's percent-encoded query value is kept exactly as stored.
@online{sanico:20170915:trojandownloaderwin32banload:01d40c5,
  author       = {Sanico, Jireh},
  title        = {{TrojanDownloader:Win32/Banload}},
  date         = {2017-09-15},
  organization = {Microsoft Security Intelligence},
  url          = {https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=TrojanDownloader%3AWin32%2FBanload},
  language     = {English},
  urldate      = {2019-10-26},
}
TrojanDownloader:Win32/Banload
Banload
2017-09-15 | Microsoft Security Intelligence | Microsoft
% Microsoft Security Intelligence malware-encyclopedia page for the detection
% name given in the title; retrieved 2020-07-03.
% The author is an organisation, so the name is braced as a single unit.
@online{microsoft:20170915:trojanwin32enviserva:6ea9ea7,
  author       = {{Microsoft}},
  title        = {{Trojan:Win32/Enviserv.A}},
  date         = {2017-09-15},
  organization = {Microsoft Security Intelligence},
  url          = {https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Enviserv.A},
  language     = {English},
  urldate      = {2020-07-03},
}
Trojan:Win32/Enviserv.A
Enviserv
2017-06-29 | Microsoft | Microsoft Defender ATP Research Team
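% Microsoft blog post published 2017-06-29; retrieved 2020-01-07.
% Corporate author: braced as one unit so the name is not split into given
% names and a surname "Team". The citation key is left unchanged so existing
% citations still resolve.
@online{team:20170629:windows:f957ff3,
  author       = {{Microsoft Defender ATP Research Team}},
  title        = {{Windows 10 platform resilience against the Petya ransomware attack}},
  date         = {2017-06-29},
  organization = {Microsoft},
  url          = {https://blogs.technet.microsoft.com/mmpc/2017/06/29/windows-10-platform-resilience-against-the-petya-ransomware-attack/},
  language     = {English},
  urldate      = {2020-01-07},
}
Windows 10 platform resilience against the Petya ransomware attack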
EternalPetya