2023-09-06MicrosoftMicrosoft Security Response Center (MSRC)
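% Corporate author: the inner braces make the parser treat the whole name as one unit instead of splitting it into given/family parts.
@online{msrc:20230906:results:7ed992f,
  author       = {{Microsoft Security Response Center (MSRC)}},
  title        = {{Results of Major Technical Investigations for Storm-0558 Key Acquisition}},
  date         = {2023-09-06},
  organization = {Microsoft},
  url          = {https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition},
  language     = {English},
  urldate      = {2023-09-11},
}
Results of Major Technical Investigations for Storm-0558 Key Acquisition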
2023-03-02Youtube (Microsoft Security Response Center (MSRC))Daniel Taylor, Ben Magee
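% The ampersand in the title is escaped so LaTeX does not read it as an alignment tab; authors are given in the unambiguous family, given form.
@online{taylor:20230302:bluehat:cdd75a0,
  author       = {Taylor, Daniel and Magee, Ben},
  title        = {{BlueHat 2023: Hunting Qakbot with Daniel Taylor \& Ben Magee}},
  date         = {2023-03-02},
  organization = {Youtube (Microsoft Security Response Center (MSRC))},
  url          = {https://www.youtube.com/watch?v=OCRyEUhiEyw},
  language     = {English},
  urldate      = {2023-04-18},
}
BlueHat 2023: Hunting Qakbot with Daniel Taylor & Ben Magee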
QakBot
2022-07-27MicrosoftMicrosoft Threat Intelligence Center (MSTIC), Microsoft Security Response Center (MSRC), RiskIQ
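% Three corporate authors: each name is braced on its own so it stays one unit, with " and " left outside the braces as the name separator.
@online{mstic:20220727:untangling:27dd5d0,
  author       = {{Microsoft Threat Intelligence Center (MSTIC)} and {Microsoft Security Response Center (MSRC)} and {RiskIQ}},
  title        = {{Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits}},
  date         = {2022-07-27},
  organization = {Microsoft},
  url          = {https://www.microsoft.com/security/blog/2022/07/27/untangling-knotweed-european-private-sector-offensive-actor-using-0-day-exploits/},
  language     = {English},
  urldate      = {2022-08-15},
}
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits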
Subzero
2021-03-15MicrosoftMicrosoft Security Response Center
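% Corporate author: without the inner braces the name is parsed as family name "Center" with the rest as given names.
@online{center:20210315:oneclick:cafd441,
  author       = {{Microsoft Security Response Center}},
  title        = {{One-Click Microsoft Exchange On-Premises Mitigation Tool – March 2021}},
  date         = {2021-03-15},
  organization = {Microsoft},
  url          = {https://msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-2021/},
  language     = {English},
  urldate      = {2021-03-22},
}
One-Click Microsoft Exchange On-Premises Mitigation Tool – March 2021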
2020-12-17MicrosoftBrad Smith
% Personal author written in family, given form; the parsed name is the same as "Brad Smith".
@online{smith:20201217:moment:cd1089e,
  author       = {Smith, Brad},
  title        = {{A moment of reckoning: the need for a strong and global cybersecurity response}},
  date         = {2020-12-17},
  organization = {Microsoft},
  url          = {https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberattacks-cybersecurity-solarwinds-fireeye/},
  language     = {English},
  urldate      = {2020-12-18},
}
A moment of reckoning: the need for a strong and global cybersecurity response
SUNBURST
2020-12-13MicrosoftMicrosoft Security Response Center
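% Corporate author: the inner braces make the parser treat the whole name as one unit instead of splitting it into given/family parts.
@online{center:20201213:customer:1f4f734,
  author       = {{Microsoft Security Response Center}},
  title        = {{Customer Guidance on Recent Nation-State Cyber Attacks}},
  date         = {2020-12-13},
  organization = {Microsoft},
  url          = {https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/},
  language     = {English},
  urldate      = {2020-12-14},
}
Customer Guidance on Recent Nation-State Cyber Attacks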
2019-09-18SymantecSecurity Response Attack Investigation Team
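% Corporate author: without the inner braces the name is parsed as family name "Team" with the rest as given names.
@online{team:20190918:tortoiseshell:4881fc1,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks}},
  date         = {2019-09-18},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/tortoiseshell-apt-supply-chain},
  language     = {English},
  urldate      = {2020-01-13},
}
Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks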
SysKit Tortoiseshell
2019-08-19EST SecurityEast Security Response Center
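% Corporate author: the inner braces make the parser treat the whole name as one unit instead of splitting it into given/family parts.
@online{center:20190819:konni:5af29f8,
  author       = {{East Security Response Center}},
  title        = {{Konni APT organization emerges as an attack disguised as Russian document}},
  date         = {2019-08-19},
  organization = {EST Security},
  url          = {https://blog.alyac.co.kr/2474},
  language     = {Korean},
  urldate      = {2020-01-20},
}
Konni APT organization emerges as an attack disguised as Russian document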
Konni
2019-05-07SymantecSecurity Response Attack Investigation Team
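% Corporate author: without the inner braces the name is parsed as family name "Team" with the rest as given names.
@online{team:20190507:buckeye:a4cf7d8,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak}},
  date         = {2019-05-07},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/buckeye-windows-zero-day-exploit},
  language     = {English},
  urldate      = {2020-01-13},
}
Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak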
DoublePulsar
2019-03-27SymantecSecurity Response Attack Investigation Team
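% Corporate author: the inner braces make the parser treat the whole name as one unit instead of splitting it into given/family parts.
@online{team:20190327:elfin:836cc39,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.}},
  date         = {2019-03-27},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/elfin-apt33-espionage},
  language     = {English},
  urldate      = {2020-01-06},
}
Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.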
DarkComet Nanocore RAT pupy Quasar RAT Remcos TURNEDUP APT33
2019-03-06SymantecSecurity Response Attack Investigation Team
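% Corporate author: without the inner braces the name is parsed as family name "Team" with the rest as given names.
@online{team:20190306:whitefly:6afdd55,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{Whitefly: Espionage Group has Singapore in Its Sights}},
  date         = {2019-03-06},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/whitefly-espionage-singapore},
  language     = {English},
  urldate      = {2020-01-08},
}
Whitefly: Espionage Group has Singapore in Its Sights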
Whitefly
2018-12-14SymantecSecurity Response Attack Investigation Team
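% Corporate author: the inner braces make the parser treat the whole name as one unit instead of splitting it into given/family parts.
@online{team:20181214:shamoon:5c1ab4d,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{Shamoon: Destructive Threat Re-Emerges with New Sting in its Tail}},
  date         = {2018-12-14},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/shamoon-destructive-threat-re-emerges-new-sting-its-tail},
  language     = {English},
  urldate      = {2020-01-13},
}
Shamoon: Destructive Threat Re-Emerges with New Sting in its Tail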
OilRig
2018-11-08SymantecSecurity Response Attack Investigation Team
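% Corporate author: without the inner braces the name is parsed as family name "Team" with the rest as given names.
@online{team:20181108:fastcash:ee26edb,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{FASTCash: How the Lazarus Group is Emptying Millions from ATMs}},
  date         = {2018-11-08},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/fastcash-lazarus-atm-malware},
  language     = {English},
  urldate      = {2022-05-03},
}
FASTCash: How the Lazarus Group is Emptying Millions from ATMs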
FastCash Lazarus Group
2018-10-10SymantecSecurity Response Attack Investigation Team
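% Corporate author: the inner braces make the parser treat the whole name as one unit instead of splitting it into given/family parts.
@online{team:20181010:gallmaker:e069f48,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{Gallmaker: New Attack Group Eschews Malware to Live off the Land}},
  date         = {2018-10-10},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/gallmaker-attack-group},
  language     = {English},
  urldate      = {2019-11-27},
}
Gallmaker: New Attack Group Eschews Malware to Live off the Land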
Gallmaker
2018-10-04SymantecSecurity Response Attack Investigation Team
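% Corporate author: without the inner braces the name is parsed as family name "Team" with the rest as given names.
@online{team:20181004:apt28:f5e15cf,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{APT28: New Espionage Operations Target Military and Government Organizations}},
  date         = {2018-10-04},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/election-security/apt28-espionage-military-government},
  language     = {English},
  urldate      = {2019-11-23},
}
APT28: New Espionage Operations Target Military and Government Organizations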
XTunnel
2018-07-25SymantecSecurity Response Attack Investigation Team, Network Protection Security Labs
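% Two corporate authors: each name is braced on its own so it stays one unit, with " and " left outside the braces as the name separator.
@online{team:20180725:leafminer:703a0ae,
  author       = {{Security Response Attack Investigation Team} and {Network Protection Security Labs}},
  title        = {{Leafminer: New Espionage Campaigns Targeting Middle Eastern Regions}},
  date         = {2018-07-25},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/leafminer-espionage-middle-east},
  language     = {English},
  urldate      = {2019-12-19},
}
Leafminer: New Espionage Campaigns Targeting Middle Eastern Regions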
Imecab Sorgu RASPITE
2018-07-18SymantecSecurity Response Attack Investigation Team
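% Corporate author: the inner braces make the parser treat the whole name as one unit instead of splitting it into given/family parts.
@online{team:20180718:evolution:25e5d39,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{The Evolution of Emotet: From Banking Trojan to Threat Distributor}},
  date         = {2018-07-18},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/evolution-emotet-trojan-distributor},
  language     = {English},
  urldate      = {2019-11-27},
}
The Evolution of Emotet: From Banking Trojan to Threat Distributor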
Emotet
2018-06-19SymantecSecurity Response Attack Investigation Team
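% Corporate author: without the inner braces the name is parsed as family name "Team" with the rest as given names.
@online{team:20180619:thrip:4662184,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{Thrip: Espionage Group Hits Satellite, Telecoms, and Defense Companies}},
  date         = {2018-06-19},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/thrip-hits-satellite-telecoms-defense-targets},
  language     = {English},
  urldate      = {2020-01-09},
}
Thrip: Espionage Group Hits Satellite, Telecoms, and Defense Companies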
Catchamas Rikamanu Spedear WMI Ghost Thrip
2018-05-23SymantecSymantec Security Response Team
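% Corporate author: the inner braces make the parser treat the whole name as one unit instead of splitting it into given/family parts.
@online{team:20180523:vpnfilter:1e6942e,
  author       = {{Symantec Security Response Team}},
  title        = {{VPNFilter: New Router Malware with Destructive Capabilities}},
  date         = {2018-05-23},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware},
  language     = {English},
  urldate      = {2019-12-17},
}
VPNFilter: New Router Malware with Destructive Capabilities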
VPNFilter
2018-04-23SymantecSecurity Response Attack Investigation Team
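% Corporate author: without the inner braces the name is parsed as family name "Team" with the rest as given names.
@online{team:20180423:new:7b44d39,
  author       = {{Security Response Attack Investigation Team}},
  title        = {{New Orangeworm attack group targets the healthcare sector in the U.S., Europe, and Asia}},
  date         = {2018-04-23},
  organization = {Symantec},
  url          = {https://www.symantec.com/blogs/threat-intelligence/orangeworm-targets-healthcare-us-europe-asia},
  language     = {English},
  urldate      = {2020-01-13},
}
New Orangeworm attack group targets the healthcare sector in the U.S., Europe, and Asia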
Kwampirs Orangeworm