Threat intelligence

The Microsoft Threat Intelligence community is made up of world-class experts, security researchers, analysts, and threat hunters who analyze 78 trillion signals daily to discover threats and deliver timely and timely, relevant insight to protect customers. See our latest findings, insights, and guidance.

Refine Results

Filtered by

Clear All

Oldest to Newest

Refine results

Sort By

Content Type

Topic

Products and services

Publish date

Start Date

End Date

Streamline privacy management with Microsoft Priva
Protect and govern personal information, reduce privacy risks, and manage subject rights requests at scale with Microsoft Priva privacy risk management solutions.
Learn more
September 12, 2018

10 min read

Office VBA + AMSI: Parting the veil on malicious macros

As part of our continued efforts to tackle entire classes of threats, Office 365 client applications now integrate with Antimalware Scan Interface (AMSI), enabling antivirus and other security solutions to scan macros and other scripts at runtime to check for malicious behavior.
September 27, 2018

15 min read

Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV

Removing the need for files is the next progression of attacker techniques.
October 26, 2018

6 min read

Windows Defender Antivirus can now run in a sandbox

Windows Defender Antivirus has hit a new milestone: the built-in antivirus capabilities on Windows can now run within a sandbox.
November 8, 2018

6 min read

Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets

Our analysis of a targeted attack that used a language-specific word processor shows why it’s important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns.
Simplify endpoint management with Microsoft Intune
Microsoft Intune is a cloud-based unified endpoint management platform that empowers IT to manage, assess, and protect apps and devices.
Learn more
December 3, 2018

7 min read

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe.
December 3, 2018

3 min read

Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP

In MITRE’s evaluation of endpoint detection and response solutions, Windows Defender Advanced Threat Protection demonstrated industry-leading optics and detection capabilities.
December 13, 2018

2 min read

Microsoft AI competition explores the next evolution of predictive technologies in security

Predictive technologies are already effective at detecting and blocking malware at first sight.
December 19, 2018

5 min read

Tackling phishing with signal-sharing and machine learning

Across services in Microsoft Threat Protection, the correlation of security signals enhances the comprehensive and integrated security for identities, endpoints, user data, cloud apps, and infrastructure.
Secure and verify every identity with Microsoft Entra
Microsoft Entra expands beyond identity and access management with new product categories such as cloud infrastructure entitlement management (CIEM) and decentralized identity.
Learn more
February 22, 2019

5 min read

Recommendations for deploying the latest Attack surface reduction rules for maximum impact

Attack surface reduction is a technique to remove or constrain exploitable behaviors in your systems.
February 28, 2019

3 min read

Announcing Microsoft Threat Experts

Microsoft Threat Experts is a new managed threat hunting service in Windows Defender Advanced Threat Protection.
March 25, 2019

9 min read

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw

Our discovery of two privilege escalation vulnerabilities in a driver highlights the strength of Microsoft Defender ATP’s sensors.
March 25, 2019

5 min read

DART: the Microsoft cybersecurity team we hope you never meet

Meet Microsoft’s Detection and Response Team (DART) and read their advice that may help you avoid working with them in future.