Microsoft Defender

Microsoft Defender helps prevent, detect, and respond to attacks across devices, identities, apps, email, data, workloads, and clouds. Explore threat intelligence, capabilities, and real-world guidance to help you get more out of Defender.

Refine Results

Filtered by

Clear All

Microsoft Defender

Refine results

Sort By

Content Type

Topic

Products and services

Publish date

Start Date

End Date

Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
Get started
October 21, 2021

13 min read

Franken-phish: TodayZoo built from other phishing kits

A phishing kit built using pieces of code copied from other kits, some available for sale through publicly accessible scam sellers or are reused and repackaged by other kit resellers, provides rich insight into the state of the economy that drives phishing and email threats today.
October 20, 2021

4 min read

New Microsoft Sysmon report in VirusTotal improves security

Today, following the 25th year anniversary of Microsoft Sysinternals, we are announcing the general availability of a new Microsoft Sysmon report in VirusTotal.
October 18, 2021

3 min read

Microsoft achieves a Leader placement in Forrester Wave for XDR

We are excited to share that Microsoft has been named a Leader in The Forrester New Wave™: Extended Detection and Response (XDR), Q4, 2021, receiving one of the highest scores in the strategy category.
October 11, 2021

6 min read

How cyberattacks are changing according to new Microsoft Digital Defense Report

Get the latest expert insights on human-operated ransomware, phishing attacks, malware, and more to get ahead of these threats before they begin.
Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Learn more
September 29, 2021

3 min read

Defend against zero-day exploits with Microsoft Defender Application Guard

Zero-day security vulnerabilities are like gold to attackers.
September 21, 2021

15 min read

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation

With over 100 available phishing templates that mimic known brands and services, the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today.
September 15, 2021

8 min read

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability

This blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for Microsoft 365 Defender customers, and lists mitigation steps for hardening networks against this and similar attacks.
September 9, 2021

3 min read

Combat attacks with security solutions from Trustwave and Microsoft

Cyberattacks and ransomware demands are on the rise.
Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
Learn more
September 7, 2021

6 min read

3 steps to prevent and recover from ransomware

Learn real-world steps for protecting against the latest ransomware and other malicious cyberattacks.
August 31, 2021

4 min read

Microsoft a Leader in 2021 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

Adapting to the evolving business landscape, organizations increasingly depend on Microsoft Endpoint Manager to enable hybrid work—where the endpoint is the new workplace.
August 26, 2021

10 min read

Widespread credential phishing campaign abuses open redirector links

Microsoft has been actively tracking a widespread credential phishing campaign using open redirector links, which allow attackers to use a URL in a trusted domain and embed the eventual final malicious URL as a parameter.
August 19, 2021

8 min read

How to proactively defend against Mozi IoT botnet

Mozi is a peer-to-peer (P2P) botnet that uses a BitTorrent-like network to infect IoT devices such as network gateways and digital video records (DVRs).