Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-06-09MicrosoftRob Mead, Tom McElroy
Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection
2020-05-28Bleeping ComputerAx Sharma
Microsoft IIS servers hacked by Blue Mockingbird to mine Monero
2020-04-28MicrosoftMicrosoft Threat Protection Intelligence Team
Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
LockBit Mailto Maze MedusaLocker Paradise RagnarLocker REvil RobinHood
2020-04-03Bleeping ComputerSergiu Gatlan
Microsoft: Emotet Took Down a Network by Overheating All Computers
Emotet
2020-03-23MicrosoftMicrosoft Defender ATP Research Team
Latest Astaroth living-off-the-land attacks are even more invisible but not less observable
Astaroth
2020-03-10BitSightValter Santos
Joint Effort with Microsoft to Disrupt Massive Criminal Botnet Necurs
Necurs
2020-03-10MicrosoftTom Burt
New action to disrupt world’s largest online criminal network
Necurs
2020-03-05MicrosoftMicrosoft Threat Protection Intelligence Team
Human-operated ransomware attacks: A preventable disaster
Dharma DoppelPaymer Dridex EternalPetya Gandcrab Hermes LockerGoga MegaCortex MimiKatz REvil RobinHood Ryuk SamSam TrickBot WannaCryptor PARINACOTA
2020-01-21MicrosoftMicrosoft Defender ATP Research Team
sLoad launches version 2.0, Starslord
sLoad
2019-12-18US District Court for the Eastern District of Virginia
MICROSOFT CORPORATION, Plaintiff, v. JOHN DOES 1-2, CONTROLLING A COMPUTER NETWORK THEREBY INJURING PLAINTIFF AND ITS CUSTOMERS
BabyShark Kimsuky
2019-12-12MicrosoftMicrosoft Threat Intelligence Center
GALLIUM: Targeting global telecom
CHINACHOPPER Ghost RAT HTran MimiKatz Poison Ivy GALLIUM
2019-11-26MicrosoftMicrosoft Defender ATP Research Team
Insights from one year of tracking a polymorphic threat
Dexphot
2019-10-21ESET ResearchMathieu Tartare
Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor
LOWKEY skip-2.0
2019-09-26MicrosoftMicrosoft Defender ATP Research Team
Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware
Divergent
2019-09-26ProofpointBryan Campbell, Jeremy Hedges, Proofpoint Threat Insight Team
New WhiteShadow downloader uses Microsoft SQL to retrieve malware
WhiteShadow Agent Tesla Azorult Crimson RAT Formbook Nanocore RAT NetWire RC NjRAT Remcos
2019-08-05MicrosoftMSRC Team
Corporate IoT – a path to intrusion (APT28/STRONTIUM)
VPNFilter
2019-07-08MicrosoftMicrosoft Defender ATP Research Team
Dismantling a fileless campaign: Microsoft Defender ATP’s Antivirus exposes Astaroth attack
Astaroth
2019-06-05FireEyeSwapnil Patil
Government Sector in Central Asia Targeted With New HAWKBALL Backdoor Delivered via Microsoft Office Vulnerabilities
HAWKBALL
2019-04-10MicrosoftMicrosoft
Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability
2019-03-27MicrosoftTom Burt
New steps to protect customers from hacking
APT35 Charming Kitten Cleaver