Microsoft Defender
Microsoft Defender helps prevent, detect, and respond to attacks across devices, identities, apps, email, data, workloads, and clouds. Explore threat intelligence, capabilities, and real-world guidance to help you get more out of Defender.
Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices.
6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy
Discover the top multicloud security risks across DevOps, runtime environments, identity and access, and data in this new report from Microsoft.
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that combines many tried-and-true techniques used by other North Korean threat actors, as well as unique attack methodologies to target companies for its financial and cyberespionage objectives.
New capabilities to help you secure your AI transformation
Today, we’re thrilled to introduce new features for securing and governing in the age of AI.
Microsoft named an overall leader in KuppingerCole Leadership Compass for ITDR
Today we are thrilled to announce that Microsoft has been recognized as an overall leader in the KuppingerCole Leadership Compass Identity Threat Detection and Response: IAM Meets the SOC.
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps
Microsoft discovered a vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s internal data storage directory, which could lead to arbitrary code execution and token theft, among other impacts.
Investigating industrial control systems using Microsoft’s ICSpector open-source framework
Microsoft released ICSpector as an open-source framework to help organizations secure their industrial control systems.
5 ways a CNAPP can strengthen your multicloud security environment
CNAPP, or cloud-native application protection platform, can be a powerful tool in your cybersecurity toolkit.
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions.
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters
Microsoft recently uncovered an attack that exploits new critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity.
New Microsoft guidance for the DoD Zero Trust Strategy
We are excited to announce new Zero Trust activity-level guidance for implementing the Department of Defense Zero Trust Strategy with Microsoft cloud services.