Executive summary On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we’ve detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our investigation into this incident and deploy[…]

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosure to Microsoft via Word documents, using lures[…]

A year ago when we announced the Microsoft Entra product family, we asked what the world could achieve if we had trust in every digital experience and interaction.1 This question inspired us to offer a vision for securing the millions and millions of connections that happen every second[…]

We know customers of every size face ever-increasing security risks. In just the last 12 months the speed of attackers leveraging breaches is also increasing, as it only takes 72 minutes on average for an attacker to access private data from the time a user falls victim to[…]

As ransomware attacks continue to grow in number and sophistication, threat actors can quickly impact business operations if organizations are not well prepared. In a recent investigation by Microsoft Incident Response (previously known as Microsoft Detection and Response Team – DART) of an intrusion, we found that the[…]

As ransomware attacks continue to grow in number and sophistication, threat actors can quickly impact business operations if organizations are not well prepared. In a recent investigation by Microsoft Incident Response (previously known as Microsoft Detection and Response Team – DART) of an intrusion, we found that the[…]

Microsoft security researchers tracked a 130.4 percent increase in organizations that have encountered ransomware over the last year. Endpoints are an important attack vector and ensuring that organizations have modern endpoint security as part of a broader extended detection and response strategy, is top of mind for chief[…]

Microsoft security researchers tracked a 130.4 percent increase in organizations that have encountered ransomware over the last year. Endpoints are an important attack vector and ensuring that organizations have modern endpoint security as part of a broader extended detection and response strategy, is top of mind for chief[…]

In today’s digital age, cloud computing has become an essential part of businesses, enabling them to store and access their data from anywhere. However, with convenience comes the risk of data breaches and cyberattacks. Therefore, it is crucial to implement best practices to secure data in cloud services.[…]