How cyberattacks are changing according to new Microsoft Digital Defense Report
Get the latest expert insights on human-operated ransomware, phishing attacks, malware, and more to get ahead of these threats before they begin.
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
This blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for Microsoft 365 Defender customers, and lists mitigation steps for hardening networks against this and similar attacks.
3 steps to prevent and recover from ransomware
Learn real-world steps for protecting against the latest ransomware and other malicious cyberattacks.
Microsoft at Black Hat 2021: Sessions, bug bounty updates, product news, and more
Get previews of Microsoft’s latest security solutions, information on virtual sessions, and more for Black Hat 2021.
Strategies, tools, and frameworks for building an effective threat intelligence team
Red Canary Director of Intelligence Katie Nickels shares her thoughts on strategies, tools, and frameworks to build an effective threat intelligence team.
Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads. Today, the Phorphiex botnet continues to maintain a large network of bots and generates wide-ranging malicious activities. These activities have expanded to include cryptocurrency mining.
Gartner names Microsoft a Leader in the 2021 Endpoint Protection Platforms Magic Quadrant
We are so grateful to our customers who have collaborated with us in creating one of the best endpoint security solutions on the market and are thrilled that Gartner has recognized this work and the journey we’ve taken alongside our customers by naming Microsoft a Leader in the 2021 Endpoint Protection Platforms (EPP) Magic Quadrant,
Analyzing attacks taking advantage of the Exchange Server vulnerabilities
Microsoft continues to monitor and investigate attacks exploiting the recent on-premises Exchange Server vulnerabilities. As organizations recover from this incident, we continue to publish guidance and share threat intelligence to help detect and evict threat actors from affected environments.
Protecting on-premises Exchange Servers against recent attacks
For the past few weeks, Microsoft and others in the security industry have seen an increase in attacks against on-premises Exchange servers. The target of these attacks is a type of email server most often used by small and medium-sized businesses, although larger organizations with on-premises Exchange servers have also been affected.
Microsoft brings advanced hardware security to Server and Edge with Secured-core
Microsoft is collaborating with partners to expand Secured-core to Windows Server, Azure Stack HCI, and Azure-certified IoT devices.
What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
Sweeping research into massive attacker infrastructures, as well as our real-time monitoring of malware campaigns and attacker activity, directly inform Microsoft security solutions, allowing us to build or improve protections that block malware campaigns and other email threats, both current and future, as well as provide enterprises with the tools for investigating and responding to
Afternoon Cyber Tea: Peak, Plateau, or Plummet? Cyber security trends that are here to stay and how to detect and recover from ransomware attacks
The rapidity of change in the cyberthreat landscape can be daunting for today’s cyber defense teams. Just as they perfect the ability to block one attack method, adversaries change their approach.