Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats
Learn how your infrastructure and security operations can make you vulnerable to insider threats, ransomware, weaponized AI, and more.
Human-operated ransomware
Refine results
Topic
Products and services
Publish date
Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
-
-
Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting
A probabilistic graphical modeling framework used by Microsoft 365 Defender research and intelligence teams for threat actor tracking enables us to quickly predict the likely threat group responsible for an attack, as well as the likely next attack stages. -
What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
Sweeping research into massive attacker infrastructures, as well as our real-time monitoring of malware campaigns and attacker activity, directly inform Microsoft security solutions, allowing us to build or improve protections that block malware campaigns and other email threats, both current and future, as well as provide enterprises with the tools for investigating and responding to email campaigns in real-time. -
Sophisticated new Android malware marks the latest evolution of mobile ransomware
We found a piece of a particularly sophisticated Android ransomware with novel techniques and behavior, exemplifying the rapid evolution of mobile threats that we have also observed on other platforms. Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
-
Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning
Microsoft Defender ATP leverages AMSI’s visibility into scripts and harnesses the power of machine learning to detect and stop post-exploitation activities that largely rely on scripts. -
Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020. -
Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do
Microsoft identified several dozens of hospitals with vulnerable gateway and VPN appliances. -
Human-operated ransomware attacks: A preventable disaster
In human-operated ransomware attacks, adversaries exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.
