Threat intelligence

The Microsoft Threat Intelligence community is made up of world-class experts, security researchers, analysts, and threat hunters who analyze 100 trillion signals daily to discover threats and deliver timely and timely, relevant insight to protect customers. See our latest findings, insights, and guidance.

Refine Results

Filtered by

Clear All

Threat intelligence
Oldest to Newest

Refine results

Sort By

Content Type

Topic

Products and services

Publish date

Start Date

End Date

Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
Learn more
September 3, 2019

6 min read

Deep learning rises: New methods for detecting malicious PowerShell

We adopted a deep learning technique that was initially developed for natural language processing and applied to expand Microsoft Defender ATP’s coverage of detecting malicious PowerShell scripts, which continue to be a critical attack vector.
September 26, 2019

10 min read

Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

A new fileless malware campaign we dubbed Nodersok delivers two very unusual LOLBins to turn infected machines into zombie proxies.
September 30, 2019

1 min read

TLS version enforcement capabilities now available per certificate binding on Windows Server 2019

Microsoft is pleased to announce a powerful new feature in Windows to make your transition to a TLS 1.
October 8, 2019

8 min read

In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

Two new machine learning protection features within the behavioral blocking and containment capabilities in Microsoft Defender ATP specialize in detecting threats by analyzing behavior, adding new layers of protection after an attack has started running.
Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
Learn more
October 16, 2019

5 min read

Guarding against supply chain attacks—Part 1: The big picture

Paying attention to every link in your supply chain is vital to protect your assets from supply chain attacks.
October 16, 2019

5 min read

Top 6 email security best practices to protect against phishing attacks and business email compromise

What should IT and security teams be looking for in an email security solution to protect all their users, from frontline workers to the C-suite? Here are 6 tips to ensure your organization has a strong email security posture.
November 7, 2019

4 min read

Microsoft works with researchers to detect and protect against new RDP exploits

The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.
November 26, 2019

10 min read

Insights from one year of tracking a polymorphic threat

We discovered the polymoprhic threat Dexphot in October 2018.
Streamline privacy management with Microsoft Priva
Protect and govern personal information, reduce privacy risks, and manage subject rights requests at scale with Microsoft Priva privacy risk management solutions.
Learn more
December 9, 2019

6 min read

Improve cyber supply chain risk management with Microsoft Azure

To keep government agencies secure in the cloud, we must keep pace and stay ahead of cyber attackers by defending the cyber supply chain with Microsoft Azure.
December 11, 2019

6 min read

The quiet evolution of phishing

In 2019, we saw phishing attacks reach new levels of creativity and sophistication.
December 12, 2019

9 min read

GALLIUM: Targeting global telecom

Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers.
December 12, 2019

8 min read

Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities

Many of today’s threats evolve to incorporate as many living-off-the-land techniques as possible into the attack chain.