Skip to main content
Skip to main content
Microsoft
Microsoft Security
Microsoft Security
Microsoft Security
Home
Solutions
Cloud security
Frontline workers
Identity & access
Information protection & governance
IoT security
Ransomware
Risk management
Secure remote work
SIEM & XDR
Small & medium business
Zero Trust
Products
Product families
Product families
Microsoft Defender
Microsoft Entra
Microsoft Purview
Identity & access
Identity & access
Azure Active Directory part of Microsoft Entra
Microsoft Entra Permissions Management
Microsoft Entra Verified ID
Azure Key Vault
SIEM & XDR
SIEM & XDR
Microsoft Sentinel
Microsoft Defender for Cloud
Microsoft 365 Defender
Microsoft Defender for Endpoint
Microsoft Defender for Office 365
Microsoft Defender for Identity
Microsoft Defender for Cloud Apps
Microsoft Defender Vulnerability Management
Microsoft Defender Threat Intelligence
Cloud security
Cloud security
Microsoft Defender for Cloud
Azure Firewall
Azure Web App Firewall
Azure DDoS Protection
GitHub Advanced Security
Microsoft Defender External Attack Surface Management
Endpoint security
Endpoint security
Microsoft 365 Defender
Microsoft Defender for Endpoint
Microsoft Defender for IoT
Microsoft Defender for Business
Microsoft Defender Vulnerability Management
Risk management & privacy
Risk management & privacy
Microsoft Purview Insider Risk Management
Microsoft Purview Communication Compliance
Microsoft Purview eDiscovery
Microsoft Purview Compliance Manager
Microsoft Priva Risk Management
Microsoft Priva Subject Rights Requests
Information protection
Information protection
Microsoft Purview Information Protection
Microsoft Purview Data Lifecycle Management
Microsoft Purview Data Loss Prevention
Device management
Device management
Microsoft Endpoint Manager
Services
Microsoft Security Experts
Microsoft Defender Experts for Hunting
Microsoft Security Services for Enterprise
Microsoft Security Services for Incident Response
Microsoft Security Services for Modernization
Partners
Resources
Get started
Get started
Customer stories
Security 101
Product trials
How we protect Microsoft
Reports and analysis
Reports and analysis
Microsoft Security Insider
Microsoft Digital Defense Report
Security Response Center
Community
Community
Microsoft Security Blog
Microsoft Security Events
Microsoft Tech Community
Documentation and training
Documentation and training
Documentation
Technical Content Library
Training & certifications
Additional sites
Additional sites
Compliance Program for Microsoft Cloud
Microsoft Trust Center
Security Engineering Portal
Service Trust Portal
Contact sales
More
Start free trial
All Microsoft
Microsoft Security
Azure
Dynamics 365
Microsoft 365
Microsoft Teams
Windows 365
Tech & innovation
Tech & innovation
Microsoft Cloud
AI
Azure Space
Mixed reality
Microsoft HoloLens
Microsoft Viva
Quantum computing
Sustainability
Industries
Industries
Education
Automotive
Financial services
Government
Healthcare
Manufacturing
Retail
All industries
Partners
Partners
Find a partner
Become a partner
Partner Network
Find an advertising partner
Become an advertising partner
Azure Marketplace
AppSource
Resources
Resources
Blog
Microsoft Advertising
Developer Center
Documentation
Events
Licensing
Microsoft Learn
Microsoft Research
View Sitemap
Search
Search Microsoft Security
Cancel
Sign in
Ransomware
Featured image for AI-driven adaptive protection against human-operated ransomware
November 15, 2021
• 8 min read
AI-driven adaptive protection against human-operated ransomware
We developed a cloud-based machine learning system that, when queried by a device, intelligently predicts if it is at risk, then automatically issues a more aggressive blocking verdict to protect the device, thwarting an attacker’s next steps.
Read more
AI-driven adaptive protection against human-operated ransomware
Featured image for Microsoft Digital Defense Report 2020: Cyber Threat Sophistication on the Rise
September 29, 2020
• 2 min read
Microsoft Digital Defense Report 2020: Cyber Threat Sophistication on the Rise
A new report from Microsoft shows it is clear that threat actors have rapidly increased in sophistication over the past year, using techniques that make them harder to identify.
Read more
Microsoft Digital Defense Report 2020: Cyber Threat Sophistication on the Rise
Featured image for Inside Microsoft 365 Defender: Attack modeling for finding and stopping lateral movement
June 10, 2020
• 8 min read
Inside Microsoft 365 Defender: Attack modeling for finding and stopping lateral movement
Microsoft Threat Protection uses a data-driven approach for identifying lateral movement, combining industry-leading optics, expertise, and data science to deliver automated discovery of some of the most critical threats today.
Read more
Inside Microsoft 365 Defender: Attack modeling for finding and stopping lateral movement
Featured image for Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
April 28, 2020
• 13 min read
Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020.
Read more
Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
Featured image for Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do
April 1, 2020
• 5 min read
Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do
Microsoft identified several dozens of hospitals with vulnerable gateway and VPN appliances. We sent these hospitals a first-of-its-kind notification with important info about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates.
Read more
Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do
Featured image for Latest Astaroth living-off-the-land attacks are even more invisible but not less observable
March 23, 2020
• 6 min read
Latest Astaroth living-off-the-land attacks are even more invisible but not less observable
Astaroth is back sporting significant changes. The updated attack chain maintains Astaroth’s complex, multi-component nature and continues its pattern of detection evasion.
Read more
Latest Astaroth living-off-the-land attacks are even more invisible but not less observable
Featured image for Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks
March 17, 2020
• 8 min read
Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks
Secured-core PCs combine virtualization, operating system, and hardware and firmware protection. Along with Microsoft Defender ATP, Secured-core PCs provide end-to-end protection against advanced attacks that leverage driver vulnerabilities to gain kernel privileges.
Read more
Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks
Featured image for Human-operated ransomware attacks: A preventable disaster
March 5, 2020
• 19 min read
Human-operated ransomware attacks: A preventable disaster
In human-operated ransomware attacks, adversaries exhibit extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network.
Read more
Human-operated ransomware attacks: A preventable disaster
October 23, 2018
• 1 min read
Top 10 security steps in Microsoft 365 that political campaigns can take today
With the U.S. midterm elections rapidly approaching, campaigns must be vigilant in protecting against cyberattacks to their online collaboration tools, including email. Microsoft has compiled a list of 10 high-impact, easy-to-implement security settings that any campaign or election organization should consider for increased security in Microsoft 365.
Read more
Top 10 security steps in Microsoft 365 that political campaigns can take today
Featured image for Attack inception: Compromised supply chain within a supply chain poses new risks
July 26, 2018
• 11 min read
Attack inception: Compromised supply chain within a supply chain poses new risks
A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor partners, making the app’s legitimate installer the unsuspecting carrier of a…
Read more
Attack inception: Compromised supply chain within a supply chain poses new risks
1
2
3
Next Page