Threat intelligence
The Microsoft Threat Intelligence community is made up of world-class experts, security researchers, analysts, and threat hunters who analyze 100 trillion signals daily to discover threats and deliver timely, relevant insight to protect customers. See our latest findings, insights, and guidance.
Microsoft Defender ATP instruments memory-related function calls such as VirtualAlloc and VirtualProtect to catch in-memory attack techniques like reflective DLL loading.
The evolution of Microsoft Threat Protection, April update
Learn about the latest updates to Microsoft Threat Protection and the details of its foundation built on supporting Zero Trust.
Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability
A complex attack chain incorporating the CVE-2018-20250 exploit and multiple code execution techniques attempted to run a fileless PowerShell backdoor that could allow an adversary to take full control of compromised machines.
DART: the Microsoft cybersecurity team we hope you never meet
Meet Microsoft’s Detection and Response Team (DART) and read their advice that may help you avoid working with them in future.
From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw
Our discovery of two privilege escalation vulnerabilities in a driver highlights the strength of Microsoft Defender ATP’s sensors.
Announcing Microsoft Threat Experts
Microsoft Threat Experts is a new managed threat hunting service in Windows Defender Advanced Threat Protection.
Recommendations for deploying the latest Attack surface reduction rules for maximum impact
Attack surface reduction is a technique to remove or constrain exploitable behaviors in your systems.
Microsoft AI competition explores the next evolution of predictive technologies in security
Predictive technologies are already effective at detecting and blocking malware at first sight.
Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP
In MITRE’s evaluation of endpoint detection and response solutions, Windows Defender Advanced Threat Protection demonstrated industry-leading optics and detection capabilities.
Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers
Reuters recently reported a hacking campaign focused on a wide range of targets across the globe.
Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets
Our analysis of a targeted attack that used a language-specific word processor shows why it’s important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns.