Collaborate Disseminate
Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign prim… Continue reading Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers
Several weeks ago, the Windows Defender Advanced Threat Protection (Windows Defender ATP) team uncovered a new cyberattack that targeted several high-profile organizations in the energy and food and beverage sectors in Asia. Given the target region and… Continue reading Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks
Across Windows Defender Advanced Threat Protection (Windows Defender ATP) engineering and research teams, innovation drives our mission to protect devices in the modern workplace. Our goal is to equip security teams with the tools and insights to prote… Continue reading What’s new in Windows Defender ATP
Our analysis of a targeted attack that used a language-specific word processor shows why its important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns. The attack exploited a vulnerability in… Continue reading Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets
Cyber thieves are continuously looking for new ways to get people to click on a bad link, open a malicious file, or install a poisoned update in order to steal valuable data. In the past, they cast as wide a net as possible to increase the pool of pote… Continue reading Small businesses targeted by highly localized Ursnif campaign
Every day, antivirus capabilities in Windows Defender Advanced Threat Protection (Windows Defender ATP) protect millions of customers from threats. To effectively scale protection, Windows Defender ATP uses intelligent systems that combine multiple lay… Continue reading Partnering with the industry to minimize false positives
Harnessing the power of machine learning and artificial intelligence has enabled Windows Defender Advanced Threat Protection (Windows Defender ATP) next-generation protection to stop new malware attacks before they can get started often within millise… Continue reading Protecting the protector: Hardening machine learning defenses against adversarial attacks
A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF edito… Continue reading Attack inception: Compromised supply chain within a supply chain poses new risks
In a previous post, in the spirit of our commitment to delivering industry-leading protection, customer choice, and transparency on the quality of our solutions, we shared insights and context into the results of AV-TESTs January-February 2018 test cyc… Continue reading March-April 2018 test results: More insights into industry AV tests
Much of cybercrime today is fueled by underground markets where malware and cybercriminal services are available for purchase. These markets in the deep web commoditize malware operations. Even novice cybercriminals can buy malware toolkits and other s… Continue reading Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis