Skip to main content
Microsoft Security

Threat intelligence

The Microsoft Threat Intelligence community is made up of world-class experts, security researchers, analysts, and threat hunters who analyze 100 trillion signals daily to discover threats and deliver timely and timely, relevant insight to protect customers. See our latest findings, insights, and guidance.

Refine Results

Filtered by

Clear All
  • Threat intelligence

Refine results

Sort By
Content Type
Research (376)
News (16)
Best practices (4)
Events (1)
Industry trends (0)
Topic
Threat intelligence (399)
Incident response (34)
AI and agents (10)
Endpoint security (7)
Threat trends (5)
Security operations (5)
Cloud security (5)
SIEM and XDR (3)
Internet of Things (IoT) security (3)
Identity and access management (3)
Email security (3)
Zero Trust (2)
Risk management (2)
Analyst reports (2)
Small and medium business (1)
Office of the CISO (1)
Multifactor authentication (1)
Data protection (1)
Compliance (1)
Security management (0)
Secure remote work (0)
Privacy (0)
Network security (0)
MISA (0)
Microsoft Secure Future Initiative (0)
Information protection and governance (0)
Device management (0)
Data security (0)
Built-in security (0)
Products and services
Microsoft Defender (158)
Microsoft Defender for Endpoint (105)
Microsoft Defender XDR (60)
Microsoft Defender for Office 365 (30)
Microsoft Defender Threat Intelligence (22)
Microsoft Defender Vulnerability Management (19)
Microsoft Defender for Cloud Apps (18)
Microsoft Defender for Cloud (16)
Microsoft Defender for Identity (14)
Microsoft Defender for IoT (9)
Microsoft Defender External Attack Surface Management (4)
Microsoft Defender for Business (0)
Microsoft Sentinel (38)
Microsoft Security Experts (20)
Microsoft Incident Response (8)
Microsoft Defender Experts for XDR (7)
Microsoft Defender Experts for Hunting (7)
Microsoft Security Services for Enterprise (0)
Microsoft Entra (14)
Microsoft Entra ID (8)
Microsoft Entra ID Protection (7)
Microsoft Entra Workload ID (0)
Microsoft Entra Verified ID (0)
Microsoft Entra Private Access (0)
Microsoft Entra Internet Access (0)
Microsoft Entra ID Governance (0)
Microsoft Entra External ID (0)
Microsoft Security Copilot (7)
Microsoft Purview (1)
Microsoft Purview Insider Risk Management (0)
Microsoft Purview Information Protection (0)
Microsoft Purview eDiscovery (0)
Microsoft Purview Data Loss Prevention (0)
Microsoft Purview Data Lifecycle Management (0)
Microsoft Purview Compliance Manager (0)
Microsoft Purview Communication Compliance (0)
Microsoft Purview Audit (0)
Microsoft Priva (0)
Microsoft Priva Subject Rights Requests (0)
Microsoft Priva Risk Management (0)
Microsoft Intune (0)
Microsoft Entra Agent ID (0)
Publish date

  • Go beyond data protection with Microsoft Purview

    Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.

    Learn more
  • Aerial panoramic view of cityscape skyline with metropole financial district modern skyscrapers during sunrise with illuminated buildings and cloudy sky in London, UK.
    • 12 min read

    Disrupting SEABORGIUM’s ongoing phishing operations

    The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM in campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft.

  • Streamline privacy management with Microsoft Priva

    Protect and govern personal information, reduce privacy risks, and manage subject rights requests at scale with Microsoft Priva privacy risk management solutions.

    Learn more
  • Photo of rusty metal materials
    • 16 min read

    Hive ransomware gets upgrades in Rust

    With its latest variant carrying several major upgrades, Hive proves it’s one of the fastest evolving ransomware payload, exemplifying the continuously changing ransomware ecosystem.

  • Simplify endpoint management with Microsoft Intune

    Microsoft Intune is a cloud-based unified endpoint management platform that empowers IT to manage, assess, and protect apps and devices.

    Learn more
  • Photo of Microsoft Cyber Defense Operations Center with the word "Protect" in the foreground.
    • 7 min read

    Improving AI-based defenses to disrupt human-operated ransomware

    To disrupt human-operated ransomware attacks as early as possible, we enhanced the AI-based protections in Microsoft Defender for Endpoint with a range of specialized machine learning techniques that swiftly identify and block malicious files, processes, or behavior observed during active attacks.
  • CISO (chief information security officer) collaborating in a security operations center.
    • 15 min read

    The many lives of BlackCat ransomware

    The use of an unconventional programming language, multiple target devices and possible entry points, and affiliation with prolific threat activity groups have made the BlackCat ransomware a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy.
Load More

Get started with Microsoft Security

Protect your people, data, and infrastructure with AI-powered, end-to-end security from Microsoft.

Learn how

Connect with us on social