Microsoft Security Intelligence Report Volume 21 is now available

The latest volume of the Microsoft Security Intelligence Report is now available for free download at www.microsoft.com/sir. This new volume of the report includes threat data from the first half of 2016 as well as longer term trend data on industry vulnerabilities, exploits, malware, and malicious websites. The report also provides specific threat data for over 100 countries/regions. Our Featured Intelligence content for this volume of the report includes three … Read more »

What’s Been Happening in the Threat Landscape in the European Union

Recently, I had the opportunity to visit customers in several countries in the European Union (EU). The threat landscape in the EU has been changing rapidly, and in some unpredictable ways. I thought it was time to share some new data and insights based on data from the latest volume of the Microsoft Security Intelligence Report. I have written about the threat landscape in the EU many times in the … Read more »

Protecting Identities in the Cloud: Mitigating Password Attacks

We just released a new volume of the Microsoft Security Intelligence Report. Included in the report, for the first time, is security data from the Microsoft cloud that reveals how we are leveraging an intelligent security graph to inform how we protect endpoints, better detect attacks and accelerate our response, to help protect our customers. In November we outlined Microsoft’s new approach to how we Protect, Detect and Respond to … Read more »

Microsoft Security Intelligence Report Volume 20 is now available

The latest volume of the Microsoft Security Intelligence Report (SIR) is now available for free download at www.microsoft.com/sir. We’ve been publishing threat intelligence reports for our customers, partners and the industry for 10 years now. During that time, we’ve published over 12,500 pages of threat intelligence, 100+ blog posts, many videos, and delivered thousands of customer briefings all over the world. This new volume of the report includes threat data … Read more »

Ransomware: Understanding the Risk

Ransomware is a type of malware that holds computers or files for ransom by encrypting files or locking the desktop or browser on systems that are infected with it, then demanding a ransom in order to regain access. Criminals have used high-pressure techniques to get victims to pay the ransom, such as: make encrypted data unrecoverable after a certain period of time; threaten to post captured (potentially sensitive) data … Read more »

Defending against persistent attackers: What we’ve learned

Part of what we do at the Microsoft Malware Protection Center involves keeping tabs on known activity groups. This is some of the most interesting and intriguing work we do. One particularly aggressive and persistent group we track is known within Microsoft by the code-name “STRONTIUM” (following our internal practice of assigning chemical element names to such groups). Whereas most cyber-attack groups are ultimately profit-oriented, STRONTIUM mainly seeks sensitive information. … Read more »

The Threat Landscape in Canada – 2015 Update

I have written about the threat landscape in Canada a couple of times over the years. Using new data from the latest volume of the Microsoft Security Intelligence Report, volume 19, I thought I’d take a fresh look at what has been happening in Canada as it’s been about a year since I last published an article on it. If you are interested in reading some of the analysis I … Read more »

Microsoft Security Intelligence Report Volume 19 is now available

We’ve just published hundreds of pages of new threat intelligence available for free download at www.microsoft.com/sir. This includes threat data from the first half of 2015 as well as longer term trend data on the industry vulnerabilities, exploits, malware, and malicious websites that your organization should use to assess your current security posture. We are also providing threat data for over 100 countries/regions. Additionally, this volume of the report includes … Read more »

Historic High Infection Rates – The Threat Landscape in the Middle East

I have written about the threat landscape in the Middle East extensively over the years. It’s been about 18 months since I published my last article on this part of the world and malware infection rates in some locations in the region have since risen to historic highs – far above the highest malware infection rates ever published in the Microsoft Security Intelligence Report. So I thought I’d take a … Read more »

Cloud security controls series: Multi-factor Authentication

Recently I wrote an article on the risk of leaked credentials in which I discussed how credentials are stolen in bulk directly from organizations’ websites. As illustrated in Figure 1, during the eight months between November 2013 and June 2014, Microsoft tracked about 1,700 distinct website credential thefts, comprising a little more than 2.3 million credentials that were posted in public places on the Internet. This number represents only a … Read more »