Today, Microsoft is excited to announce that we are shifting to a new threat actor naming taxonomy aligned to the theme of weather. The complexity, scale, and volume of threats is increasing, driving the need to reimagine not only how Microsoft talks about threats but also how we[…]
Read More
Over the past several months, Microsoft has observed a mature subgroup of Mint Sandstorm, an Iranian nation-state actor previously tracked as PHOSPHORUS, refining its tactics, techniques, and procedures (TTPs). Specifically, this subset has rapidly weaponized N-day vulnerabilities in common enterprise applications and conducted highly-targeted phishing campaigns to quickly[…]
Read More
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Global supply chains face a broad range of risks, from physical threats to cybersecurity threats. Sharing information with suppliers is essential for the supply chain to function effectively, but it creates significant[…]
Read More
“Great speakers and very knowledgeable.” “Brilliant.” “Wonderful and very useful.” The first Microsoft Secure on March 28, 2023, was a huge success—as this attendee feedback shows. Our virtual event brought together more than 20,000 security professionals eager to learn security best practices and hear major product announcements—including the[…]
Read More
Low-code: One of the best investment for IT departments in 2023Under these current economic pressures, organizations are being squeezed at all levels, as the International Monetary Fund (IMF) projects slowed global growth in 2023, down to 2.9percent from 6 percent in 2021.1 IT departments are no exception as[…]
Read More
Threat actors often take advantage of current events and major news headlines to align attacks and leverage social engineering when people could be more likely to be distracted or misled. Tax season is particularly appealing to threat actors because not only are people busy and under stress, but[…]
Read MoreLet’s start with the bad news. Cybersecurity breaches can be particularly devastating for supply chains, which involve multiple parties and sensitive information. As operational technology (OT) devices become increasingly connected, blurring the gap between IT and OT environments, the risk of hackers targeting sensitive supply chain data increases.[…]
Read More
In the digital world, when you meet professional contacts for the first time online, you need additional trust signals to increase your confidence that they are who they say they are. We’re thrilled to announce that millions of LinkedIn members will be able to verify their place of[…]
Read More
This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus. UEFI bootkits are particularly dangerous as they run at computer startup, prior to the operating system[…]
Read MoreMicrosoft Threat Intelligence analysts assess with high confidence that a threat group tracked by Microsoft as DEV-0196 is linked to an Israel-based private sector offensive actor (PSOA) known as QuaDream. QuaDream reportedly sells a platform they call REIGN to governments for law enforcement purposes. REIGN is a suite[…]
Read More