Microsoft Data Security Index annual report highlights evolving generative AI security needs
84% of surveyed organizations want to feel more confident about managing and discovering data input into AI apps and tools.
Research
Explore in-depth research on the latest cybersecurity threats, trends, and defense strategies. Get insights from Microsoft that’ll help you better understand and respond to today’s challenges.
Refine results
Topic
Products and services
Publish date
Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
-
-
DoD Zero Trust Strategy proves security benchmark years ahead of schedule with Microsoft collaboration
The Navy implementation scored a 100 percent success rate, meeting DoD requirements on all 91 Target-Level activities tested. -
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. -
7 cybersecurity trends and tips for small and medium businesses to stay protected
The challenges that small and midsize businesses (SMBs) face when it comes to security continue to increase as it becomes more difficult to keep up with sophisticated cyberthreats with limited resources or security expertise. Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
-
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. -
Microsoft Threat Intelligence healthcare ransomware report highlights need for collective industry action
Healthcare organizations are an attractive target for ransomware attacks. -
New macOS vulnerability, “HM Surf”, could lead to unauthorized data access
Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. -
File hosting services misused for identity phishing
Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
-
Storm-0501: Ransomware attacks expanding to hybrid cloud environments
August 27, 2025 update: Storm-0501 has continuously evolved to achieve sharpened focus on cloud-based TTPs as their primary objective shifted from deploying on-premises endpoint ransomware to using cloud-based ransomware tactics. -
North Korean threat actor Citrine Sleet exploiting Chromium zero-day
Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution (RCE) in the Chromium renderer process. -
Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations
Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which we named Tickler. -
Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE
Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation.
