Delivering industry-leading detection for a sixth consecutive year For the sixth year in a row, Microsoft Defender XDR demonstrated industry-leading extended detection and response (XDR) capabilities in the independent MITRE ATT&CK® Evaluations: Enterprise. The cyberattack used during the detection test highlights the importance of a unified XDR platform and showcases Defender XDR as a leading…

After co-opting the tools and infrastructure of another nation-state threat actor to facilitate espionage activities, as detailed in our last blog, Russian nation-state actor Secret Blizzard used those tools and infrastructure to compromise targets in Ukraine. Microsoft Threat Intelligence has observed that these campaigns consistently led to the download of Secret Blizzard’s custom malware, with…

There’s no doubt about it: The password era is ending. Bad actors know it, which is why they’re desperately accelerating password-related attacks while they still can. At Microsoft, we block 7,000 attacks on passwords per second—almost double from a year ago. At the same time, we’ve seen adversary-in-the-middle phishing attacks increase by 146% year over…

Traditional security approaches don’t work for AI. Generative AI technology is already transforming our world and has immense positive potential for cybersecurity and business processes, but traditional security models and controls aren’t enough to manage the security risks associated with this new technology.    We recently published a new whitepaper that examines the security challenges and…

In today’s evolving digital landscape, safeguarding data has become a challenge for organizations of all sizes. The ever-expanding data estate, the volume and complexity of cyberattacks, increasing global regulations, and the rapid adoption of AI are shifting how cybersecurity and data teams secure and govern their data. Today, more than 95% of organizations are implementing…

Security information and event management (SIEM) solutions have long served as the indispensable nerve center for the security operations center (SOC). However, the SIEM landscape has undergone seismic shifts and market disruption in recent times, making it that much harder for chief information security officers (CISOs) to navigate and select the optimal SIEM for their…

In mid-October, we released our 2024 Microsoft Digital Defense Report, which revealed over 600 million identity attacks per day. As multifactor authentication now blocks most password-based attacks, we’re seeing a shift in threat actor tactics and a convergence of nation-state and cybercriminal threat activity. More than 99% of identity attacks are password attacks—often due to…

The cybersecurity industry faces an unprecedented talent shortage. In this article, we’ll explore the implications of this shortage and how MXDR services can bridge the gap.  The shortage in cybersecurity expertise presents a significant challenge, affecting various sectors, from businesses to national security. Some notable instances include:  Supply Chains: The June 2023 MOVEit Transfer breach…

We are proud to announce a new partnership with ITHealth, a trusted cyber security provider to the NHS. This partnership expands ITHealth’s offerings by integrating Heimdal’s advanced capabilities into the ITHealth Dashboard. By combining Heimdal’s threat protection and mitigation features with the ITHealth Dashboard, NHS organisations can improve security operations and build greater resilience. Heimdal’s solutions…

Today, organizations around the world are facing a perfect storm of inflation, smaller budgets, rising labor rates, and slower consumer demand. Against that backdrop, hackers are only getting more active. Businesses therefore have some difficult choices to make. Do you continue to invest in an expensive team of security experts, despite the rising costs and…