Skip to main content
Microsoft Security

Microsoft Security Blog

Man in coffee shop at laptop

File hosting services misused for identity phishing 

Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.

A group of security practitioners work at their computers.

​​Microsoft is named a Leader in the 2024 Gartner® Magic Quadrantâ„¢ for Endpoint Protection Platforms 

Gartner® names Microsoft a Leader in Endpoint Protection Platforms—a reflection, we believe, of our continued progress in helping organizations protect their endpoints against even the most sophisticated attacks, while driving continued efficiency for security operations center teams.

Retain Microsoft Security Experts

Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.

North Korean threat actor Citrine Sleet exploiting Chromium zero-day 

Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution (RCE) in the Chromium renderer process. Our assessment of ongoing analysis and observed infrastructure attributes this activity to Citrine Sleet, a North Korean threat actor that commonly targets the cryptocurrency sector for financial gain.

A photo of a male standing in front of a computer

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations 

Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which we named Tickler. Tickler has been used in attacks against targets in the satellite, communications equipment, oil and gas, as well as federal and state government sectors in the United States and the United Arab […]