Microsoft has made a definitive link between MEDoc and initial distribution of the Petya ransomware. Kaspersky Lab, meanwhile, has identified a Ukrainian government website used in a watering hole attack.