ThreatsHub.org
In the third of a four-part series on the Nobelium nation-state attack, we share how Microsoft product teams built new detections into products to better protect customers.
The post Behind the unprecedented effort to protect customers against the NOBELIUM nation-state attack appeared first on Microsoft Security Blog. READ MORE HERE…
Sophisticated cyberattacks are on the rise, with email phishing as the most common attack vector. Microsoft has been working hard to understand these types of attacks and create solutions that help prevent, detect, and remediate vulnerability at the most basic point of attack, the user.
The post Protect against phishing with Attack Simulation Training in Microsoft Defender for Office 365 appeared first on Microsoft Security Blog. READ MORE HERE…
Our security solutions use multiple detection and prevention techniques to help users avoid divulging sensitive information to phishers as attackers continue refining their impersonation tricks. In this blog, we discuss our latest innovation toward developing another detection layer focusing on the visual components of brand impersonation attacks.
The post Spotting brand impersonation with Swin transformers and Siamese neural networks appeared first on Microsoft Security Blog. READ MORE HERE…
Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access to emails about financial transactions.
The post Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign appeared first on Microsoft Security Blog. READ MORE HERE…
We are proud to announce today that Microsoft is positioned as a leader in The Forrester Wave™: Enterprise Email Security, Q2 2021, receiving among the highest scores in the strategy category.
The post Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave appeared first on Microsoft Security. READ MORE HERE…
Read our investigation of a BEC campaign that used attacker-created email infrastructure to facilitate gift card theft targeting the consumer goods, process manufacturing and agriculture, real estate, discrete manufacturing, and professional services sectors.
The post Business email compromise campaign targets wide range of orgs with gift card scam appeared first on Microsoft Security. READ MORE HERE…
Business email compromise is the costliest phishing attack threat to organizations. In this post, we explore how it works and strategies to fight it.
The post Business email compromise: How Microsoft is combating this costly threat appeared first on Microsoft Security. READ MORE HERE…
Sweeping research into massive attacker infrastructures, as well as our real-time monitoring of malware campaigns and attacker activity, directly inform Microsoft security solutions, allowing us to build or improve protections that block malware campaigns and other email threats, both current and future, as well as provide enterprises with the tools for investigating and responding to email campaigns in real-time.
The post What tracking an attacker email infrastructure tells us about persistent cybercriminal operations appeared first on Microsoft Security. READ MORE HERE…
BISMUTH, which has been running increasingly complex cyberespionage attacks as early as 2012, deployed Monero coin miners in campaigns from July to August 2020. The group’s use of coin miners was unexpected, but it was consistent with their longtime methods of blending in.
The post Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them appeared first on Microsoft Security. READ MORE HERE…