Author: Eric Avena

Read our investigation of a BEC campaign that used attacker-created email infrastructure to facilitate gift card theft targeting the consumer goods, process manufacturing and agriculture, real estate, discrete manufacturing, and professional services sectors.

The post Business email compromise campaign targets wide range of orgs with gift card scam appeared first on Microsoft Security.


Microsoft is happy to have contributed and worked closely with the Center for Threat-Informed Defense and other partners to develop the MITRE ATT&CK® for Containers matrix.

The post Center for Threat-Informed Defense teams up with Microsoft, partners to build the ATT&CK® for Containers matrix appeared first on Microsoft Security.


Microsoft is proud to announce our latest Secured-core offering, the all-new Surface Laptop 4 powered by AMD Ryzen™ Mobile Processors. These devices offer comprehensive security out-of-the-box with tightly integrated hardware, software, firmware, and identity protection layers.

The post Surface expands its Secured-core portfolio with the new Surface Laptop 4 powered by AMD Ryzen™ Mobile Processors appeared first on Microsoft Security.


We are sharing the CodeQL queries that we used to analyze our source code at scale and rule out the presence of the code-level indicators of compromise (IoCs) and coding patterns associated with Solorigate so that other organizations may perform a similar analysis.

The post Microsoft open sources CodeQL queries used to hunt for Solorigate activity appeared first on Microsoft Security.


Sweeping research into massive attacker infrastructures, as well as our real-time monitoring of malware campaigns and attacker activity, directly informs Microsoft security solutions, allowing us to build or improve protections that block malware campaigns and other email threats, both current and future, as well as provide enterprises with the tools for investigating and responding to email campaigns in real time.

The post What tracking an attacker email infrastructure tells us about persistent cybercriminal operations appeared first on Microsoft Security.
