Onyx Sleet uses array of malware to gather intelligence for North Korea
On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet.
Microsoft Sentinel
Microsoft Sentinel is a security information and event management (SIEM) and unified data lake platform that helps you uncover and quickly respond to threats. Explore case studies, product updates, and best practices to help you secure your multicloud environment.
Refine results
Topic
Products and services
Publish date
Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
-
-
Simplified Zero Trust security with the Microsoft Entra Suite and unified security operations platform, now generally available
Microsoft is announcing the Microsoft Entra Suite and the unified security operations platform, two innovations that simplify the implementation of your Zero Trust security strategy. -
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that combines many tried-and-true techniques used by other North Korean threat actors, as well as unique attack methodologies to target companies for its financial and cyberespionage objectives. -
Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management
Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management and positioned based on our Ability to Execute Completeness of vision. Streamline privacy management with Microsoft Priva
Protect and govern personal information, reduce privacy risks, and manage subject rights requests at scale with Microsoft Priva privacy risk management solutions.
-
New capabilities to help you secure your AI transformation
Today, we’re thrilled to introduce new features for securing and governing in the age of AI. -
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. -
Get end-to-end protection with Microsoft’s unified security operations platform, now in public preview
Microsoft’s unified security operations platform is now in public preview. -
Microsoft Sentinel delivered 234% ROI, according to new Forrester study
A new Forrester study of more than 450 organizations that implemented Microsoft Sentinel found significant benefits, including a 234% return on investment. Simplify endpoint management with Microsoft Intune
Microsoft Intune is a cloud-based unified endpoint management platform that empowers IT to manage, assess, and protect apps and devices.
-
Secure SaaS applications with Valence Security and Microsoft Security
The rapid adoption of Software as a Service (SaaS) has revolutionized collaboration and innovation across industries. -
Microsoft Copilot for Security: The great equalizer for government security
Microsoft Copilot for Security is the first generative AI security product that will help defend organizations at machine speed and scale. -
Get the most out of Microsoft Copilot for Security with good prompt engineering
Good prompt engineering can greatly improve generative AI outputs, which means more relevant and accurate results. -
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States.
