GALLIUM: Targeting global telecom
Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers.
The quiet evolution of phishing
In 2019, we saw phishing attacks reach new levels of creativity and sophistication. Read about the most notable phishing techniques we spotted in the past year.
Improve cyber supply chain risk management with Microsoft Azure
To keep government agencies secure in the cloud, we must keep pace and stay ahead of cyber attackers by defending the cyber supply chain with Microsoft Azure.
Insights from one year of tracking a polymorphic threat
We discovered the polymoprhic threat Dexphot in October 2018. In the months that followed, we closely tracked the threat as attackers upgraded the malware, targeted new processes, and worked around defensive measures.
Microsoft works with researchers to detect and protect against new RDP exploits
The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.
Top 6 email security best practices to protect against phishing attacks and business email compromise
What should IT and security teams be looking for in an email security solution to protect all their users, from frontline workers to the C-suite? Here are 6 tips to ensure your organization has a strong email security posture.
Guarding against supply chain attacks—Part 1: The big picture
Paying attention to every link in your supply chain is vital to protect your assets from supply chain attacks.
In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks
Two new machine learning protection features within the behavioral blocking and containment capabilities in Microsoft Defender ATP specialize in detecting threats by analyzing behavior, adding new layers of protection after an attack has started running.
TLS version enforcement capabilities now available per certificate binding on Windows Server 2019
Microsoft is pleased to announce a powerful new feature in Windows to make your transition to a TLS 1.2+ world easier.
Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware
A new fileless malware campaign we dubbed Nodersok delivers two very unusual LOLBins to turn infected machines into zombie proxies.
Deep learning rises: New methods for detecting malicious PowerShell
We adopted a deep learning technique that was initially developed for natural language processing and applied to expand Microsoft Defender ATP’s coverage of detecting malicious PowerShell scripts, which continue to be a critical attack vector.
One simple action you can take to prevent 99.9 percent of attacks on your accounts
Learn about common vulnerabilities and what you can do to protect your company from attacks.