Microsoft security intelligence
Security research and threat intelligence from our global network of security experts.
January 26, 2023
• 16 min read
Introducing kernel sanitizers on Microsoft platforms
We share technical details of our work on the AddressSanitizer (ASAN) and how it contributes to durably improving software quality and security at Microsoft.
December 21, 2022
• 12 min read
Microsoft research uncovers new Zerobot capabilities
The Microsoft Defender for IoT research team details information on the recent distribution of a Go-based botnet, known as Zerobot, that spreads primarily through IoT and web-application vulnerabilities.
December 19, 2022
• 9 min read
Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability
Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.
December 15, 2022
• 8 min read
MCCrash: Cross-platform DDoS botnet targets private Minecraft servers
The Microsoft Defender for IoT research team analyzed a cross-platform botnet that infects both Windows and Linux systems from PCs to IoT devices, to launch distributed denial of service (DDoS) attacks against private Minecraft servers.
December 12, 2022
• 10 min read
IIS modules: The evolution of web shells and how to detect them
This blog aims to provide further guidance on detecting malicious IIS modules and other capabilities that you can use during your own incident response investigations.
December 7, 2022
• 4 min read
Mitigate threats with the new threat matrix for Kubernetes
The updated threat matrix for Kubernetes comes in a new format that simplifies usage of the knowledge base and with new content to help mitigate threats.
December 6, 2022
• 17 min read
DEV-0139 launches targeted attacks against the cryptocurrency industry
Microsoft security researchers investigate an attack where the threat actor, tracked as DEV-0139, used chat groups to target specific cryptocurrency investment companies and run a backdoor within their network.
November 22, 2022
• 1 min read
Join us at InfoSec Jupyterthon 2022
Join our community of analysts and engineers at the third annual InfoSec Jupyterthon 2022, an online event taking place on December 2 and 3, 2022.
November 22, 2022
• 6 min read
Vulnerable SDK components lead to supply chain risks in IoT and OT environments
As vulnerabilities in network components, architecture files, and developer tools have become an increasingly popular attack vector to leverage access into secure networks and devices, Microsoft identified such a vulnerable component and found evidence of a supply chain risk that might affect millions of organizations and devices.
November 17, 2022
• 7 min read
DEV-0569 finds new ways to deliver Royal ransomware, various payloads
DEV-0569’s recent activity shows their reliance on malvertising and phishing in delivering malicious payloads. The group’s changes and updates in delivery and payload led to distribution of info stealers and Royal ransomware.
November 16, 2022
• 9 min read
Token tactics: How to prevent, detect, and respond to cloud token theft
As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose.
November 15, 2022
• 5 min read
2022 holiday DDoS protection guide
The holiday season is an exciting time for many people as they get to relax, connect with friends and family, and celebrate traditions. Organizations also have much to rejoice about during the holidays (for example, more sales for retailers and more players for gaming companies). Unfortunately, cyber attackers also look forward to this time of year to celebrate an emerging holiday tradition—distributed denial-of-service (DDoS) attacks.