Imposter for hire: How fake people can gain very real access
Fake employees are an emerging cybersecurity threat.
Microsoft Defender for Endpoint
Refine results
Topic
Products and services
Publish date
-
-
SesameOp: Novel backdoor uses OpenAI Assistants API for command and control
Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) as a mechanism for command-and-control (C2) communications. -
StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
Microsoft Incident Response uncovered a novel remote access trojan (RAT) named StilachiRAT, which demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data. -
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for many organizations across multiple industries. Prevent threats with Microsoft Defender
The Microsoft Defender family offers comprehensive threat prevention, detection, and response capabilities for everyone—from individuals looking to protect their family to the world’s largest enterprises.
-
The five-day job: A BlackByte ransomware intrusion case study
In a recent investigation by Microsoft Incident Response of a BlackByte 2. -
Guidance for investigating attacks using CVE-2023-23397
This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397. -
Web shell attacks continue to rise
A year ago, we reported the steady increase in the use of web shells in attacks worldwide. -
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
We, along with the security industry and our partners, continue to investigate the extent of the Solorigate attack. Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
-
Windows Defender ATP machine learning: Detecting new and unusual breach activity
Microsoft has been investing heavily in next-generation security technologies. -
The two-pronged approach to detecting persistent adversaries
Advanced Persistent Threats use two primary methods of persistence: compromised endpoints and compromised credentials.
