Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
Today’s world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and means.
In this blog, we will share how you can increase security for on-premises and hybrid infrastructure through offerings including Azure Arc, Microsoft Defender for Cloud, and Secured-core for Azure Stack HCI.
The activity we have observed has been attributed to a threat group that Microsoft tracks as DEV-0537, also known as LAPSUS$.
Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize it.
China-based threat actor NICKEL has been targeting governments, diplomatic entities, and non-governmental organizations (NGOs) across Central and South America, the Caribbean, and Europe.
Our approach to threat hunting is designed to evaluate impact and escalate potential threats for investigation, based on how damaging the potential threat would be.
Microsoft has observed multiple Iranian threat actors targeting the IT services sector in attacks that aim to steal sign-in credentials belonging to downstream customer networks to enable further attacks.
Over the past year, the Microsoft Threat Intelligence Center (MSTIC) has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran.
We developed a cloud-based machine learning system that, when queried by a device, intelligently predicts if it is at risk, then automatically issues a more aggressive blocking verdict to protect the device, thwarting an attacker’s next steps.