Exploring the crypt: Analysis of the WannaCrypt ransomware SMB exploit propagation
On May 12, there was a major outbreak of WannaCrypt ransomware.
Threat intelligence
The Microsoft Threat Intelligence community is made up of world-class experts, security researchers, analysts, and threat hunters who analyze 100 trillion signals daily to discover threats and deliver timely and timely, relevant insight to protect customers. See our latest findings, insights, and guidance.
Refine results
Topic
Products and services
Publish date
Secure and verify every identity with Microsoft Entra
Microsoft Entra expands beyond identity and access management with new product categories such as cloud infrastructure entitlement management (CIEM) and decentralized identity.
-
-
New ransomware, old techniques: Petya adds worm capabilities
On June 27, 2017 reports of a ransomware infection began spreading across Europe. -
Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security
On April 14, a group calling themselves the Shadow Brokers caught the attention of the security community by releasing a set of weaponized exploits. -
WannaCrypt ransomware worm targets out-of-date systems
In this blog, we provide an early analysis of the end-to-end ransomware attack. Prevent threats with Microsoft Defender
The Microsoft Defender family offers comprehensive threat prevention, detection, and response capabilities for everyone—from individuals looking to protect their family to the world’s largest enterprises.
-
The two-pronged approach to detecting persistent adversaries
Advanced Persistent Threats use two primary methods of persistence: compromised endpoints and compromised credentials. -
Tech support scams persist with increasingly crafty techniques
Technical support scams continue to evolve, employing more and more complex social engineering tactics that can increase panic and create a false sense of legitimacy or urgency in an effort to get more victims. -
Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005
On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges. Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
-
A new best practice to protect technology supply chain integrity
The success of digital transformation ultimately relies on trust in the security and integrity of information and communications technology (ICT). -
Uncovering cross-process injection with Windows Defender ATP
Windows Defender Advanced Threat Protection (Windows Defender ATP) is a post-breach solution that alerts security operations (SecOps) personnel about hostile activity. -
Breaking down a notably sophisticated tech support scam M.O.
The cornerstone of tech support scams is the deception that there is something wrong with your PC. -
Detecting cyber threats
This post is authored by Joe Faulhaber, Senior Consultant ECG In today’s cyber threat landscape, it’s not a question of if an attack will occur, but who will attack and when.
