Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
Microsoft is tracking threats taking advantage of the remote code execution (RCE) vulnerability in Apache Log4j 2.
Ransomware
Refine results
Topic
Products and services
Publish date
Simplify endpoint management with Microsoft Intune
Microsoft Intune is a cloud-based unified endpoint management platform that empowers IT to manage, assess, and protect apps and devices.
-
-
A closer look at Qakbot’s latest building blocks (and how to knock them down)
Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize it. -
New Secured-core servers are now available from the Microsoft ecosystem to help secure your infrastructure
With cyberattacks continuing to rise, the need for secure computing has never been more important. -
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
Over the past year, the Microsoft Threat Intelligence Center (MSTIC) has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran. Secure and verify every identity with Microsoft Entra
Microsoft Entra expands beyond identity and access management with new product categories such as cloud infrastructure entitlement management (CIEM) and decentralized identity.
-
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks
HTML smuggling, a highly evasive malware delivery technique that leverages legitimate HTML5 and JavaScript features, is increasingly used in email campaigns that deploy banking malware, remote access Trojans (RATs), and other payloads related to targeted attacks. -
How cyberattacks are changing according to new Microsoft Digital Defense Report
Get the latest expert insights on human-operated ransomware, phishing attacks, malware, and more to get ahead of these threats before they begin. -
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
This blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for Microsoft 365 Defender customers, and lists mitigation steps for hardening networks against this and similar attacks. -
3 steps to prevent and recover from ransomware
Learn real-world steps for protecting against the latest ransomware and other malicious cyberattacks. Prevent threats with Microsoft Defender
The Microsoft Defender family offers comprehensive threat prevention, detection, and response capabilities for everyone—from individuals looking to protect their family to the world’s largest enterprises.
-
Microsoft at Black Hat 2021: Sessions, bug bounty updates, product news, and more
Get previews of Microsoft’s latest security solutions, information on virtual sessions, and more for Black Hat 2021. -
Strategies, tools, and frameworks for building an effective threat intelligence team
Red Canary Director of Intelligence Katie Nickels shares her thoughts on strategies, tools, and frameworks to build an effective threat intelligence team. -
Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads. -
Gartner names Microsoft a Leader in the 2021 Endpoint Protection Platforms Magic Quadrant
We are so grateful to our customers who have collaborated with us in creating one of the best endpoint security solutions on the market and are thrilled that Gartner has recognized this work and the journey we’ve taken alongside our customers by naming Microsoft a Leader in the 2021 Endpoint Protection Platforms (EPP) Magic Quadrant, positioned highest on ability to execute.
