2020-09-10 | Microsoft | Tom Burt
% Microsoft blog post (blogs.microsoft.com, On the Issues) by Tom Burt.
@online{burt:20200910:new:ec117be,
  author       = {Burt, Tom},
  title        = {{New cyberattacks targeting U.S. elections}},
  date         = {2020-09-10},
  organization = {Microsoft},
  url          = {https://blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/},
  language     = {English},
  urldate      = {2020-09-10},
}
New cyberattacks targeting U.S. elections
2020-09-10 | Microsoft | Microsoft Threat Intelligence Center (MSTIC)
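% Microsoft security blog write-up on STRONTIUM credential harvesting.
% The author is an organisation: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
% The URL slug reads "patters" where the title says "patterns"; it is kept as given
% because the URL is an identifier - confirm against the live page before editing it.
@online{mstic:20200910:strontium:eeaafcd,
  author       = {{Microsoft Threat Intelligence Center (MSTIC)}},
  title        = {{STRONTIUM: Detecting new patterns in credential harvesting}},
  date         = {2020-09-10},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2020/09/10/strontium-detecting-new-patters-credential-harvesting/},
  language     = {English},
  urldate      = {2020-09-15},
}
STRONTIUM: Detecting new patterns in credential harvesting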
Sofacy
2020-09-08 | Microsoft | Yossi Weizman, Ross Bevington
% Microsoft Tech Community post (azure-security-center board) on TeamTNT and Weave Scope.
@online{weizman:20200908:teamtnt:3986c51,
  author       = {Weizman, Yossi and Bevington, Ross},
  title        = {{TeamTNT activity targets Weave Scope deployments}},
  date         = {2020-09-08},
  organization = {Microsoft},
  url          = {https://techcommunity.microsoft.com/t5/azure-security-center/teamtnt-activity-targets-weave-scope-deployments/ba-p/1645968},
  language     = {English},
  urldate      = {2020-09-15},
}
TeamTNT activity targets Weave Scope deployments
2020-08-27 | Twitter (@MsftSecIntel) | Microsoft Security Intelligence
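% Tweet from the MsftSecIntel account about Anubis Stealer.
% The author is an organisation: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
@online{intelligence:20200827:anubis:e53422c,
  author       = {{Microsoft Security Intelligence}},
  title        = {{Tweet on Anubis Stealer}},
  date         = {2020-08-27},
  organization = {Twitter (@MsftSecIntel)},
  url          = {https://twitter.com/MsftSecIntel/status/1298752223321546754},
  language     = {English},
  urldate      = {2020-09-01},
}
Tweet on Anubis Stealer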
Anubis
2020-07-25 | ESTsecurity | Alyac
% ESTsecurity report from blog.alyac.co.kr; the language field says Korean,
% while the title is recorded here in English.
@online{alyac:20200725:special:ca84b90,
  author       = {Alyac},
  title        = {{[Special Report] Thallium Group sued by Microsoft in the US, threatens 'Fake Striker' APT campaign against South Korea}},
  date         = {2020-07-25},
  organization = {ESTsecurity},
  url          = {https://blog.alyac.co.kr/3120},
  language     = {Korean},
  urldate      = {2020-07-30},
}
[Special Report] Thallium Group sued by Microsoft in the US, threatens 'Fake Striker' APT campaign against South Korea
2020-07-13 | Microsoft | Heike Ritter
% Microsoft Tech Community post (microsoft-defender-atp board) by Heike Ritter.
@online{ritter:20200713:become:3567997,
  author       = {Ritter, Heike},
  title        = {{Become a Microsoft Defender ATP Ninja}},
  date         = {2020-07-13},
  organization = {Microsoft},
  url          = {https://techcommunity.microsoft.com/t5/microsoft-defender-atp/become-a-microsoft-defender-atp-ninja/ba-p/1515647},
  language     = {English},
  urldate      = {2020-07-15},
}
Become a Microsoft Defender ATP Ninja
2020-07-07 | Microsoft | Tom Burt
% Microsoft blog post (blogs.microsoft.com, On the Issues) on legal action against
% COVID-19-related cybercrime.
@online{burt:20200707:microsoft:3300f46,
  author       = {Burt, Tom},
  title        = {{Microsoft takes legal action against COVID-19-related cybercrime}},
  date         = {2020-07-07},
  organization = {Microsoft},
  url          = {https://blogs.microsoft.com/on-the-issues/2020/07/07/digital-crimes-unit-covid-19-cybercrime/},
  language     = {English},
  urldate      = {2020-07-08},
}
Microsoft takes legal action against COVID-19-related cybercrime
2020-06-18 | Microsoft | Microsoft Threat Protection Intelligence Team
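% Microsoft security blog post mapping attack chains from cloud to endpoint (APT33/HOLMIUM).
% The author is an organisation: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
@online{team:20200618:inside:4d53bcc,
  author       = {{Microsoft Threat Protection Intelligence Team}},
  title        = {{Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint (APT33/HOLMIUM)}},
  date         = {2020-06-18},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2020/06/18/inside-microsoft-threat-protection-mapping-attack-chains-from-cloud-to-endpoint/},
  language     = {English},
  urldate      = {2020-06-19},
}
Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint (APT33/HOLMIUM)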
POWERTON
2020-06-17 | Twitter (@MsftSecIntel) | Microsoft Security Intelligence
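% Tweet thread from the MsftSecIntel account on TA505 and FlawedGrace.
% The author is an organisation: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
@online{intelligence:20200617:thread:b4b74d5,
  author       = {{Microsoft Security Intelligence}},
  title        = {{A tweet thread on TA505 using CAPTCHA to avoid detection and infecting victims with FlawedGrace}},
  date         = {2020-06-17},
  organization = {Twitter (@MsftSecIntel)},
  url          = {https://twitter.com/MsftSecIntel/status/1273359829390655488},
  language     = {English},
  urldate      = {2020-06-18},
}
A tweet thread on TA505 using CAPTCHA to avoid detection and infecting victims with FlawedGrace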
FlawedGrace
2020-06-16 | Microsoft | Microsoft Threat Protection Intelligence Team
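% Microsoft security blog post on cybercriminal behaviour during the outbreak.
% The author is an organisation: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
@online{team:20200616:exploiting:3cb9ac3,
  author       = {{Microsoft Threat Protection Intelligence Team}},
  title        = {{Exploiting a crisis: How cybercriminals behaved during the outbreak}},
  date         = {2020-06-16},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2020/06/16/exploiting-a-crisis-how-cybercriminals-behaved-during-the-outbreak/},
  language     = {English},
  urldate      = {2020-06-17},
}
Exploiting a crisis: How cybercriminals behaved during the outbreak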
2020-06-10 | Microsoft | Yossi Weizman
% Microsoft security blog post on misconfigured Kubeflow workloads.
@online{weizman:20200610:misconfigured:4ca63a9,
  author       = {Weizman, Yossi},
  title        = {{Misconfigured Kubeflow workloads are a security risk}},
  date         = {2020-06-10},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2020/06/10/misconfigured-kubeflow-workloads-are-a-security-risk/},
  language     = {English},
  urldate      = {2020-06-11},
}
Misconfigured Kubeflow workloads are a security risk
2020-06-09 | Microsoft | Rob Mead, Tom McElroy
% Microsoft Tech Community post (azure-sentinel board) on hunting for web shells.
@online{mead:20200609:web:825fd05,
  author       = {Mead, Rob and McElroy, Tom},
  title        = {{Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection}},
  date         = {2020-06-09},
  organization = {Microsoft},
  url          = {https://techcommunity.microsoft.com/t5/azure-sentinel/web-shell-threat-hunting-with-azure-sentinel-and-microsoft/ba-p/1448065},
  language     = {English},
  urldate      = {2020-06-10},
}
Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection
2020-05-28 | Bleeping Computer | Ax Sharma
% Bleeping Computer news article on Blue Mockingbird and Microsoft IIS servers.
@online{sharma:20200528:microsoft:b02ddb1,
  author       = {Sharma, Ax},
  title        = {{Microsoft IIS servers hacked by Blue Mockingbird to mine Monero}},
  date         = {2020-05-28},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/microsoft-iis-servers-hacked-by-blue-mockingbird-to-mine-monero/},
  language     = {English},
  urldate      = {2020-06-02},
}
Microsoft IIS servers hacked by Blue Mockingbird to mine Monero
2020-04-28 | Microsoft | Microsoft Threat Protection Intelligence Team
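% Microsoft security blog post on ransomware groups targeting healthcare and critical services.
% The author is an organisation: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
@online{team:20200428:ransomware:3205f3a,
  author       = {{Microsoft Threat Protection Intelligence Team}},
  title        = {{Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk}},
  date         = {2020-04-28},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2020/04/28/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk/},
  language     = {English},
  urldate      = {2020-05-05},
}
Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk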
LockBit Mailto Maze MedusaLocker Paradise Ransomware RagnarLocker REvil RobinHood
2020-04-03 | Bleeping Computer | Sergiu Gatlan
% Bleeping Computer news article relaying a Microsoft account of an Emotet incident.
@online{gatlan:20200403:microsoft:c12a844,
  author       = {Gatlan, Sergiu},
  title        = {{Microsoft: Emotet Took Down a Network by Overheating All Computers}},
  date         = {2020-04-03},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/microsoft-emotet-took-down-a-network-by-overheating-all-computers/},
  language     = {English},
  urldate      = {2020-04-08},
}
Microsoft: Emotet Took Down a Network by Overheating All Computers
Emotet
2020-03-23 | Microsoft | Microsoft Defender ATP Research Team
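% Microsoft security blog post on Astaroth living-off-the-land attacks.
% The author is an organisation: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
@online{team:20200323:latest:c58e3ed,
  author       = {{Microsoft Defender ATP Research Team}},
  title        = {{Latest Astaroth living-off-the-land attacks are even more invisible but not less observable}},
  date         = {2020-03-23},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2020/03/23/latest-astaroth-living-off-the-land-attacks-are-even-more-invisible-but-not-less-observable/},
  language     = {English},
  urldate      = {2020-03-26},
}
Latest Astaroth living-off-the-land attacks are even more invisible but not less observable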
Astaroth
2020-03-10 | Microsoft | Tom Burt
% Microsoft blog post (blogs.microsoft.com, On the Issues); the URL slug names the Necurs botnet.
@online{burt:20200310:new:251948a,
  author       = {Burt, Tom},
  title        = {{New action to disrupt world’s largest online criminal network}},
  date         = {2020-03-10},
  organization = {Microsoft},
  url          = {https://blogs.microsoft.com/on-the-issues/2020/03/10/necurs-botnet-cyber-crime-disrupt/},
  language     = {English},
  urldate      = {2020-03-11},
}
New action to disrupt world’s largest online criminal network
Necurs
2020-03-05 | Microsoft | Microsoft Threat Protection Intelligence Team
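% Microsoft security blog post on human-operated ransomware attacks.
% The author is an organisation: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
@online{team:20200305:humanoperated:d90a28e,
  author       = {{Microsoft Threat Protection Intelligence Team}},
  title        = {{Human-operated ransomware attacks: A preventable disaster}},
  date         = {2020-03-05},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2020/03/05/human-operated-ransomware-attacks-a-preventable-disaster/},
  language     = {English},
  urldate      = {2020-03-06},
}
Human-operated ransomware attacks: A preventable disaster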
Dharma DoppelPaymer Dridex EternalPetya Gandcrab Hermes LockerGoga MegaCortex MimiKatz REvil RobinHood Ryuk SamSam TrickBot WannaCryptor
2020-01-21 | Microsoft | Microsoft Defender ATP Research Team
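% Microsoft security blog post on sLoad version 2.0 (Starslord).
% The author is an organisation: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
@online{team:20200121:sload:2a2962b,
  author       = {{Microsoft Defender ATP Research Team}},
  title        = {{sLoad launches version 2.0, Starslord}},
  date         = {2020-01-21},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2020/01/21/sload-launches-version-2-0-starslord/},
  language     = {English},
  urldate      = {2020-01-22},
}
sLoad launches version 2.0, Starslord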
sLoad
2019-12-18 | US District Court for the Eastern District of Virginia
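% Court document hosted on bloomberglaw.com; the entry carries no organization field.
% The author is an institution: the extra pair of braces keeps the whole name as
% one unit instead of letting it be split into given and family names.
% The citation key is unchanged so existing citations still resolve.
@online{virginia:20191218:microsoft:0576bc3,
  author   = {{US District Court for the Eastern District of Virginia}},
  title    = {{MICROSOFT CORPORATION, Plaintiff, v. JOHN DOES 1-2, CONTROLLING A COMPUTER NETWORK THEREBY INJURING PLAINTIFF AND ITS CUSTOMERS}},
  date     = {2019-12-18},
  url      = {https://www.bloomberglaw.com/document/public/subdoc/X67FPNDOUBV9VOPS35A4864BFIU?imagename=1},
  language = {English},
  urldate  = {2020-04-28},
}
MICROSOFT CORPORATION, Plaintiff, v. JOHN DOES 1-2, CONTROLLING A COMPUTER NETWORK THEREBY INJURING PLAINTIFF AND ITS CUSTOMERS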
BabyShark Kimsuky