Think before you Click(Fix): Analyzing the ClickFix social engineering technique
The ClickFix social engineering technique has been growing in popularity, with campaigns targeting thousands of enterprise and end-user devices daily.
Microsoft Defender for Office 365
Refine results
Topic
Products and services
Publish date
-
-
Transparency on Microsoft Defender for Office 365 email security effectiveness
Microsoft believes in transparently sharing performance data from Microsoft Defender for Office 365, and other ecosystem providers, to help customers evaluate email security solutions and make decisions to layer for defense in depth. -
Defending against evolving identity attack techniques
Threat actors continue to develop and leverage various techniques that aim to compromise cloud identities. -
Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries. Prevent threats with Microsoft Defender
The Microsoft Defender family offers comprehensive threat prevention, detection, and response capabilities for everyone—from individuals looking to protect their family to the world’s largest enterprises.
-
Phishing campaign impersonates Booking.com, delivers a suite of credential-stealing malware
Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking. -
Storm-2372 conducts device code phishing campaign
Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. -
Why security teams rely on Microsoft Defender Experts for XDR for managed detection and response
Microsoft Defender Experts for XDR is a mature and proven service that triages, investigates, and responds to incidents and hunts for threats on a customer’s behalf around the clock. -
How Microsoft Defender for Office 365 innovated to address QR code phishing attacks
This blog examines the impact of QR code phishing campaigns and the innovative features of Microsoft Defender for Office 365 that help combat evolving cyberthreats. Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
-
File hosting services misused for identity phishing
Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. -
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States. -
Financially motivated threat actors misusing App Installer
Since mid-November 2023, Microsoft Threat Intelligence has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, utilizing the ms-appinstaller URI scheme (App Installer) to distribute malware. -
Threat actors misuse OAuth applications to automate financially driven attacks
Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks.
