Cyberattacker techniques, tools, and infrastructure

Cyberattackers constantly evolve their techniques, tools, and infrastructure to launch increasingly complex attacks. Learn about the latest tactics and how to detect, disrupt, and defend against them.

Refine Results

Filtered by

Clear All

attacker-techniques-tools-and-infrastructure

Refine results

Sort By

Content Type

Topic

Products and services

Publish date

Start Date

End Date

Retain Microsoft Security Experts

Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.

Get started
December 3, 2018

3 min read

Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP

In MITRE’s evaluation of endpoint detection and response solutions, Windows Defender Advanced Threat Protection demonstrated industry-leading optics and detection capabilities.
December 3, 2018

7 min read

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe.
November 8, 2018

12 min read

Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets

Our analysis of a targeted attack that used a language-specific word processor shows why it’s important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns.
October 26, 2018

6 min read

Windows Defender Antivirus can now run in a sandbox

Windows Defender Antivirus has hit a new milestone: the built-in antivirus capabilities on Windows can now run within a sandbox.
Modernize your Security Operations Center with Microsoft Sentinel

Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.

Learn more
September 6, 2018

6 min read

Small businesses targeted by highly localized Ursnif campaign

In social engineering attacks, is less really more? A new malware campaign puts that to the test by targeting home users and small businesses in specific US cities.
July 11, 2018

11 min read

Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis

Hawkeye Keylogger is an info-stealing malware that’s being sold as malware-as-a-service.
April 20, 2018

5 min read

Teaming up in the war on tech support scams

Beyond customer education, the scale and complexity of tech support scams require cooperation and broad partnerships across the industry.
April 4, 2018

8 min read

Hunting down Dofoil with Windows Defender ATP

Dofoil is a sophisticated threat that attempted to install coin miner malware on hundreds of thousands of computers in March, 2018.
Tailored AI insights from Microsoft Security Copilot

Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.

Learn more
March 13, 2018

7 min read

Poisoned peer-to-peer app kicked off Dofoil coin miner outbreak

On March 7, we reported that a massive Dofoil campaign attempted to install malicious cryptocurrency miners on hundreds of thousands of computers.
March 13, 2018

8 min read

Invisible resource thieves: The increasing threat of cryptocurrency miners

The surge in Bitcoin prices has driven widescale interest in cryptocurrencies.
March 7, 2018

5 min read

Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign

Update: Further analysis of this campaign points to a poisoned update for a peer-to-peer (P2P) application.
March 1, 2018

20 min read

FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017.