New Microsoft guidance for the CISA Zero Trust Maturity Model
New Microsoft guidance is now available for United States government agencies and their industry partners to help implement Zero Trust strategies and meet CISA Zero Trust requirements.
Microsoft Defender for Cloud named a Leader in Frost Radarâ„¢ for CNAPP for the second year in a row!Â
In the ever-evolving landscape of cloud security, Microsoft continues to assert its dominance with its comprehensive and innovative solutions. The Frost Radarâ„¢: Cloud-Native Application Protection Platforms, 2024 report underscores Microsoft’s leadership in both – the innovation and growth index, highlighting several key strengths that set it apart from the competition.
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
Since January 2024, Microsoft has observed Secret Blizzard using the tools or infrastructure of other threat groups to attack targets in Ukraine and download its custom backdoors Tavdig and KazuarV2.
Microsoft Defender XDR demonstrates 100% detection coverage across all cyberattack stages in the 2024 MITRE ATT&CK® Evaluations: Enterprise​​
For the sixth year in a row, Microsoft Defender XDR demonstrated industry-leading extended detection and response (XDR) capabilities in the independent MITRE ATT&CK® Evaluations: Enterprise. The cyberattack used during the detection test highlights the importance of a unified XDR platform and showcases Defender XDR as a leading solution for securing your multi-operating system estate.
Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage
Microsoft has observed Secret Blizzard compromising the infrastructure and backdoors of the Pakistan-based threat actor we track as Storm-0156 for espionage against the Afghanistan government and Indian Army targets.
Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON
At CYBERWARCON 2024, Microsoft Threat Intelligence analysts will share research and insights on North Korean and Chinese threat actors representing years of threat actor tracking, infrastructure monitoring and disruption, and their attack tooling.
Microsoft Data Security Index annual report highlights evolving generative AI security needs
84% of surveyed organizations want to feel more confident about managing and discovering data input into AI apps and tools.
DoD Zero Trust Strategy proves security benchmark years ahead of schedule with Microsoft collaboration
The Navy implementation scored a 100 percent success rate, meeting DoD requirements on all 91 Target-Level activities tested.
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. Microsoft has linked the source of these password spray attacks to a network of compromised devices we track as CovertNetwork-1658, also known as xlogin and Quad7 (7777).
​​7 cybersecurity trends and tips for small and medium businesses to stay protected
The challenges that small and midsize businesses (SMBs) face when it comes to security continue to increase as it becomes more difficult to keep up with sophisticated cyberthreats with limited resources or security expertise. Research conducted highlights the top seven SMB cybersecurity trends and steps that can be taken to stay protected.
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will continue to investigate and provide updates as available.
Microsoft Threat Intelligence healthcare ransomware report highlights need for collective industry action
Healthcare organizations are an attractive target for ransomware attacks. Read our latest blog post to learn why and get strategies to protect yourself from cyberthreats.