Skip to content
Microsoft Secure

Office VBA + AMSI: Parting the veil on malicious macros

As part of our continued efforts to tackle entire classes of threats, Office 365 client applications now integrate with Antimalware Scan Interface (AMSI), enabling antivirus and other security solutions to scan macros and other scripts at runtime to check for malicious behavior. Macro-based threats have always been a prevalent entry point for malware, but we...

Read more

Small businesses targeted by highly localized Ursnif campaign

In social engineering attacks, is less really more? A new malware campaign puts that to the test by targeting home users and small businesses in specific US cities. This was a focused, highly localized attack that aimed to steal sensitive info from just under 200 targets. Macro-laced documents masqueraded as statements from legitimate businesses. The...

Read more

Practical application of artificial intelligence that can transform cybersecurity

There is tremendous opportunity to use AI—particularly machine learning—to improve the efficacy of cybersecurity, the detection of hackers, and even prevent attacks before they occur....

Read more

Image of four hands collaborating over a drawing of a lightbulb.

Protecting user identities

This is a blog series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series you’ll find context, answers, and guidance for deployment and driving adoption within your organization. In this blog, we explain how Microsoft 365 security solutions help you protect your users and their...

Read more

Partnering with the industry to minimize false positives

Every day, antivirus capabilities in Windows Defender Advanced Threat Protection (Windows Defender ATP) protect millions of customers from threats. To effectively scale protection, Windows Defender ATP uses intelligent systems that combine multiple layers of machine learning models, behavior-based detection algorithms, generics, and heuristics that make a verdict on suspicious files, most of the time in...

Read more

Image of four hands collaborating over a drawing of a lightbulb.

Cybersecurity threats: How to discover, remediate, and mitigate

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this blog, we explain how Microsoft 365 threat protection solutions interoperate threat detection across these attack vectors....

Read more

Protecting the protector: Hardening machine learning defenses against adversarial attacks

Harnessing the power of machine learning and artificial intelligence has enabled Windows Defender Advanced Threat Protection (Windows Defender ATP) next-generation protection to stop new malware attacks before they can get started – often within milliseconds. These predictive technologies are central to scaling protection and delivering effective threat prevention in the face of unrelenting attacker activity....

Read more