Threat intelligence

The Microsoft Threat Intelligence community is made up of world-class experts, security researchers, analysts, and threat hunters who analyze 78 trillion signals daily to discover threats and deliver timely and timely, relevant insight to protect customers. See our latest findings, insights, and guidance.

Refine Results

Filtered by

Clear All

Oldest to Newest

Refine results

Sort By

Content Type

Topic

Products and services

Publish date

Start Date

End Date

Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
Get started
November 28, 2016

6 min read

Disrupting the kill chain

This post is authored by Jonathan Trull, Worldwide Executive Cybersecurity Advisor, Enterprise Cybersecurity Group.
December 14, 2016

3 min read

Twin zero-day attacks: PROMETHIUM and NEODYMIUM target individuals in Europe

Targeted attacks are typically carried out against individuals to obtain intellectual property and other valuable data from target organizations.
January 26, 2017

5 min read

Phishers unleash simple but effective social engineering techniques using PDF attachments

The Gmail phishing attack is reportedly so effective that it tricks even technical users, but it may be just the tip of the iceberg.
February 10, 2017

3 min read

Detecting cyber threats

This post is authored by Joe Faulhaber, Senior Consultant ECG In today’s cyber threat landscape, it’s not a question of if an attack will occur, but who will attack and when.
Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Learn more
March 2, 2017

4 min read

Breaking down a notably sophisticated tech support scam M.O.

The cornerstone of tech support scams is the deception that there is something wrong with your PC.
March 8, 2017

7 min read

Uncovering cross-process injection with Windows Defender ATP

Windows Defender Advanced Threat Protection (Windows Defender ATP) is a post-breach solution that alerts security operations (SecOps) personnel about hostile activity.
March 22, 2017

3 min read

A new best practice to protect technology supply chain integrity

The success of digital transformation ultimately relies on trust in the security and integrity of information and communications technology (ICT).
March 27, 2017

6 min read

Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005

On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges.
Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
Learn more
April 3, 2017

23 min read

Tech support scams persist with increasingly crafty techniques

Technical support scams continue to evolve, employing more and more complex social engineering tactics that can increase panic and create a false sense of legitimacy or urgency in an effort to get more victims.
April 13, 2017

4 min read

The two-pronged approach to detecting persistent adversaries

Advanced Persistent Threats use two primary methods of persistence: compromised endpoints and compromised credentials.
April 19, 2017

1 min read

Is social engineering the biggest threat to your organization?

“Always remember: Amateurs hack systems.
May 12, 2017

9 min read

WannaCrypt ransomware worm targets out-of-date systems

In this blog, we provide an early analysis of the end-to-end ransomware attack.