Select Page
Diagram of high-level Solorigate attack chain

Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender

­Even as investigations into the sophisticated attack known as Solorigate are still underway, details and insights about the tools, patterns, and methods used by the attackers point to steps that organizations can take to improve their defenses against similar attacks ... continue reading

The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the first post of our new Voice of the Community blog series, Microsoft Product Marketing Manager Natalia Godyla talks with Jake Williams, ... continue reading
Diagram of the high-level Solorigate attack chain

Using Microsoft 365 Defender to protect against Solorigate

Microsoft security researchers continue to investigate and respond to the sophisticated cyberattack known as Solorigate (also referred to as Sunburst by FireEye) involving a supply chain compromise and the subsequent compromise of cloud assets. While the related investigations and impact ... continue reading
PassTests.gif

Have Your Company's Systems Passed All Security Tests?

Dear IT Pros, Happy Holiday and Merry Christmas! I would like to make this article more fluid and less dry, with the hope that not all my blog articles’ contents are too serious and too long to read. Let me ... continue reading
Advice for incident responders on recovery from systemic identity compromises

Advice for incident responders on recovery from systemic identity compromises

As Microsoft alongside our industry partners and the security community continues to investigate the extent of the Solorigate attack, our goal is to provide the latest threat intelligence including IOCs and guidance across our products and solutions to help the ... continue reading
PassTests.gif

Have Your Company's Systems Passed All the Security Tests?

Dear IT Pros, Happy Holiday and Merry Christmas! I would like to make this article more fluid and less dry, with the hope that not all my blog articles’ contents are too serious and too long to read. Let me ... continue reading
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers

Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers

We, along with the security industry and our partners, continue to investigate the extent of the Solorigate attack. While investigations are underway, we want to provide the defender community with intelligence to understand the scope, impact, remediation guidance, and product ... continue reading

Ensuring customers are protected from Solorigate

Microsoft is monitoring a dynamic threat environment surrounding the discovery of a sophisticated attack that included compromised binaries from a legitimate software. These binaries, which are related to the SolarWinds Orion Platform, could be used by attackers to remotely access ... continue reading
Screenshot of search results page on an affected machine and one affected by Adrozed

Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers

A persistent malware campaign has been actively distributing an evolved browser modifier malware at scale since at least May 2020. At its peak in August, the threat was observed on over 30,000 devices every day. The malware is designed to ... continue reading
Diagram showing IcedID attack chain, with labels identifying what stage the attack was stopped

EDR in block mode stops IcedID cold

We are happy to announce the general availability of endpoint detection and response (EDR) in block mode in Microsoft Defender for Endpoint. EDR in block mode turns EDR detections into real-time blocking of malicious behaviors, malware, and artifacts. It uses ... continue reading