Guarding against supply chain attacks—Part 2: Hardware risks
Part 2 examines the hardware supply chain, its vulnerabilities, how you can protect yourself, and Microsoft’s role in reducing hardware-based attacks.
sLoad launches version 2.0, Starslord
sLoad has launched version 2.0. With the new version, sLoad, which is a PowerShell-based Trojan downloader notable for its almost exclusive use of the Windows BITS service for malicious activities, has added an anti-analysis trick and the ability to track the stage of infection for every affected machine.
Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks
Microsoft Defender ATP data scientists and threat hunters collaborate to use a data science-driven approach to detecting RDP brute force attacks to protect customers against real-world threats.
Norsk Hydro responds to ransomware attack with transparency
Aluminum supplier Norsk Hydro was attacked by LockerGoga, a form of ransomware. Learn how the company recovered and got back to business as usual.
Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities
Many of today’s threats evolve to incorporate as many living-off-the-land techniques as possible into the attack chain. The PowerShell-based downloader Trojan known as sLoad, however, puts all its bets on BITS.
GALLIUM: Targeting global telecom
Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers.
The quiet evolution of phishing
In 2019, we saw phishing attacks reach new levels of creativity and sophistication. Read about the most notable phishing techniques we spotted in the past year.
Improve cyber supply chain risk management with Microsoft Azure
To keep government agencies secure in the cloud, we must keep pace and stay ahead of cyber attackers by defending the cyber supply chain with Microsoft Azure.
Insights from one year of tracking a polymorphic threat
We discovered the polymoprhic threat Dexphot in October 2018. In the months that followed, we closely tracked the threat as attackers upgraded the malware, targeted new processes, and worked around defensive measures.
Microsoft works with researchers to detect and protect against new RDP exploits
The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.
Top 6 email security best practices to protect against phishing attacks and business email compromise
What should IT and security teams be looking for in an email security solution to protect all their users, from frontline workers to the C-suite? Here are 6 tips to ensure your organization has a strong email security posture.
Guarding against supply chain attacks—Part 1: The big picture
Paying attention to every link in your supply chain is vital to protect your assets from supply chain attacks.