Skip to content

Microsoft Secure


Detecting stealthier cross-process injection techniques with Windows Defender ATP: Process hollowing and atom bombing

Advanced cyberattacks emphasize stealth and persistence: the longer they stay under the radar, the more they can move laterally, exfiltrate data, and cause damage. To avoid detection, attackers are increasingly turning to cross-process injection. Cross-process injection gives attackers the ability to run malicious code that masquerades as legitimate programs. With code injection, attackers don’t have...

Read more


Windows 10 platform resilience against the Petya ransomware attack

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices. Read our latest report: A worthy upgrade:...

Read more

A Week in The Hague: The Global Conference on Cyberspace (GCCS)

Cybersecurity experts from around the world recently gathered at the Global Conference on Cyberspace (GCCS) in The Hague. Over a thousand delegates from across the private sector, government and civil society attended the main conference, and many used the opportunity to promote practical cooperation in cyberspace, enhance capacity building and to discuss norms of state...

Read more

Microsoft partners with cities and governments to improve cybersecurity for citizens

City life is changing – there is no doubt about that. Unprecedented population shifts and extraordinary growth have impacted how urban populations live and work together. For city leaders, this rapid change has created not only unique challenges, but also significant opportunities. Many are looking to technologies like the Cloud and Internet of Things (IoT)...

Read more

Six Proposed Norms to Reduce Conflict in Cyberspace

Last month, my team launched a new white paper, “International Cybersecurity Norms, Reducing conflict in an Internet-dependent world” at the EastWest Institute’s 2014 Global Cyberspace Cooperation Summit in Berlin. In the paper we explained the unique cyber risks posed by nation states’ offensive activities, and how these risks could escalate – perhaps unintentionally – to...

Read more

Angela McKay, Director of Cybersecurity Policy, delivers her keynote address with seated attendees: Dr. C. Raja Mohan, Head, Strategic Studies and Distinguished Fellow, ORF; Arvind Gupta, Deputy National Security Advisor, Government of India; and Samir Saran, Sr. Fellow & Vice President, ORF.

Dispatch from Delhi: Conference on Cyber Security and Cyber Governance

Guest Blogger: Aaron Kleiner Earlier this fall, I had the opportunity to visit India for the Observer Research Foundation’s (ORF) India Conference on Cyber Security and Cyber Governance, known informally as CyFy. Now in its second year, CyFy is an important opportunity to engage with cybersecurity and Internet governance experts from around the world. Microsoft...

Read more

Escalation of cyber events and applicable legal frameworks

Proposed Cybersecurity Norms to Reduce Conflict in an Internet-dependent World

The Internet has by and large been a cause for good, driving economic growth across developed and emerging economies, connecting individuals and communities to previously unattainable services, and propelling innovation online, as well as offline. Today, all over the world public utilities, banks, and governments use the Internet, cloud services, and mobile technology to enhance...

Read more

Cyberspace Challenges

Strategies, Capacity Building and Legislative Initiatives: Cybersecurity Policy Development Battles Through “Tumultuous Teens”

Over the past two months, I have travelled around Europe and Africa far more than I have been at home. So have many of my colleagues. And while I wish wanderlust was the primary driver for our travels, the travel has been driven by a growing regional interest in developing effective long-term cybersecurity policy strategies...

Read more

Microsoft’s Perspective on the Cybersecurity Framework: Next Steps for Incentives and International Harmonization

Over the past several weeks, I’ve visited several national capitals to address cybersecurity concerns with policymakers and industry leaders. One shared challenge facing governments and critical sectors worldwide is the need for a common baseline of cybersecurity risk management guidance that can be utilized by organizations at different levels of sophistication. Often, these discussions turn...

Read more

Why businesses should care about cybersecurity this October

Around the world, governments have designated this October as “cybersecurity awareness” month, seeking to increase national resilience by raising national consciousness. This effort comes on the heels of a number of government initiatives that aim to strengthen cyber resilience of critical infrastructures, such as the U.S. Presidential Executive Order or the European Commission’s Network and...

Read more