Research

Explore in-depth research on the latest cybersecurity threats, trends, and defense strategies. Get insights from Microsoft that’ll help you better understand and respond to today’s challenges.

Refine Results

Filtered by

Clear All

Research

Refine results

Sort By

Content Type

Topic

Products and services

Publish date

Start Date

End Date

Secure and verify every identity with Microsoft Entra

Microsoft Entra expands beyond identity and access management with new product categories such as cloud infrastructure entitlement management (CIEM) and decentralized identity.

Learn more
December 11, 2024

7 min read

Microsoft Defender XDR demonstrates 100% detection coverage across all cyberattack stages in the 2024 MITRE ATT&CK® Evaluations: Enterprise

For the sixth year in a row, Microsoft Defender XDR demonstrated industry-leading extended detection and response (XDR) capabilities in the independent MITRE ATT&CK® Evaluations: Enterprise.
December 11, 2024

14 min read

Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine

Since January 2024, Microsoft has observed Secret Blizzard using the tools or infrastructure of other threat groups to attack targets in Ukraine and download its custom backdoors Tavdig and KazuarV2.
December 4, 2024

16 min read

Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage

Microsoft has observed Secret Blizzard compromising the infrastructure and backdoors of the Pakistan-based threat actor we track as Storm-0156 for espionage against the Afghanistan government and Indian Army targets.
November 22, 2024

10 min read

Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON

At CYBERWARCON 2024, Microsoft Threat Intelligence analysts will share research and insights on North Korean and Chinese threat actors representing years of threat actor tracking, infrastructure monitoring and disruption, and their attack tooling.
Prevent threats with Microsoft Defender

The Microsoft Defender family offers comprehensive threat prevention, detection, and response capabilities for everyone—from individuals looking to protect their family to the world’s largest enterprises.

Explore products
November 13, 2024

5 min read

Microsoft Data Security Index annual report highlights evolving generative AI security needs

84% of surveyed organizations want to feel more confident about managing and discovering data input into AI apps and tools.
November 11, 2024

5 min read

DoD Zero Trust Strategy proves security benchmark years ahead of schedule with Microsoft collaboration

The Navy implementation scored a 100 percent success rate, meeting DoD requirements on all 91 Target-Level activities tested.
October 31, 2024

8 min read

Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network

Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks.
October 31, 2024

6 min read

7 cybersecurity trends and tips for small and medium businesses to stay protected

The challenges that small and midsize businesses (SMBs) face when it comes to security continue to increase as it becomes more difficult to keep up with sophisticated cyberthreats with limited resources or security expertise.
Retain Microsoft Security Experts

Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.

Get started
October 29, 2024

13 min read

Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors.
October 22, 2024

6 min read

Microsoft Threat Intelligence healthcare ransomware report highlights need for collective industry action

Healthcare organizations are an attractive target for ransomware attacks.
October 17, 2024

9 min read

New macOS vulnerability, “HM Surf”, could lead to unauthorized data access

Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data.
October 8, 2024

9 min read

File hosting services misused for identity phishing

Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox.