Threat intelligence
The Microsoft Threat Intelligence community is made up of world-class experts, security researchers, analysts, and threat hunters who analyze 100 trillion signals daily to discover threats and deliver timely, relevant insight to protect customers. See our latest findings, insights, and guidance.
- Today, we’re glad to share DART Case Report 002—Full Operational Shutdown.
- Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do
  Microsoft identified several dozen hospitals with vulnerable gateway and VPN appliances.
- Defending the power grid against supply chain attacks—Part 2: Securing hardware and software
  The hardware and software companies who supply utilities must implement better security of their build and update environment to reduce the risk of an attack on critical infrastructure.
- Latest Astaroth living-off-the-land attacks are even more invisible but not less observable
  Astaroth is back sporting significant changes.
- Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks
  Secured-core PCs combine virtualization, operating system, and hardware and firmware protection.
- Guarding against supply chain attacks—Part 3: How software becomes compromised
  Set a high standard of software assurance with internal teams, partners, and suppliers to reduce your risk of a software supply chain attack.
- Behavioral blocking and containment: Transforming optics into protection
  Behavioral blocking and containment capabilities leverage multiple Microsoft Defender ATP components and features to immediately stop attacks before they can progress.
- Real-life cybercrime stories from DART, the Microsoft Detection and Response Team
  In the new DART Case Reports, you’ll find unique stories from our team’s engagements around the globe.
- Human-operated ransomware attacks: A preventable disaster
  In human-operated ransomware attacks, adversaries exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.
- Defending the power grid against supply chain attacks—Part 1: The risk defined
  The “Defending the power grid against supply chain attacks” blog series analyzes how supply chain attacks are conducted and the steps utilities, device manufacturers, and software providers can take to better secure critical infrastructure.
- Ghost in the shell: Investigating web shell attacks
  Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as a launch pad for further attacks against the affected organization.
- Guarding against supply chain attacks—Part 2: Hardware risks
  Part 2 examines the hardware supply chain, its vulnerabilities, how you can protect yourself, and Microsoft’s role in reducing hardware-based attacks.