Microsoft Secure

Detecting threat actors in recent German industrial attacks with Windows Defender ATP

When a Germany-based industrial conglomerate disclosed in December 2016 that it was breached early that year, the breach was revealed to be a professionally run industrial espionage attack. According to the German press, the intruders used the Winnti family of malware as their main implant, giving them persistent access to the conglomerate’s network as early...

No slowdown in Cerber ransomware activity as 2016 draws to a close

The trend towards increasingly sophisticated malware behavior, highlighted by the use of exploits and other attack vectors, makes older platforms so much more susceptible to ransomware attacks. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices. Read our latest report: A worthy upgrade:...

Are Viruses Making a Comeback?

In the six or seven years that we have been publishing the Microsoft Security Intelligence Report (SIR) I have seen many trends emerge over time.  The threat landscape is constantly changing as attackers try to find methods that will help them compromise the systems they target.  For several years viruses (file infectors) seemed to be...

On The Origins of Malware: Are Malware Hosting Sites in Your State or Region?

Systems that host and distribute malware are located all over the world. These systems have typically been compromised and are being used for illicit purposes unbeknownst to the administrators of the systems. These compromised machines can be personal computers located in homes and small businesses, as well as servers in data centers. Some background information: To...

RSA Conference 2013: Thank-you RSA Attendees!

The RSA Conference in San Francisco is over for another year.  I want to thank all those conference attendees that attended one of the many activities Microsoft had going on during the week or took time to visit our booth. Special thanks to those conference attendees that attended the breakout session that Jeff Jones and...

Korea’s Malware Infection Rate Increases Six-fold in Six Months

I have written about the threat landscape in Korea a few times in the past as it has been one of the most active threat landscapes in the world for some time: A Very Active Place – The Threat Landscape in the Republic of Korea Koreans Vanquish Top Malware Threat, Threat Landscape Continues to be...

Microsoft Security Intelligence Report Volume 13 Released

This morning, Adrienne Hall, General Manager for Trustworthy Computing delivered a keynote speech at RSA Europe and announced the availability of the Microsoft Security Intelligence Report volume 13 (SIRv13).  It’s hard to believe that it’s been over six years since we published the first volume of the report.  The report has evolved a lot since...

The Threat Landscape in the Middle East – Part 3: Israel and Saudi Arabia

In the first two parts of this series on the threat landscape in the Middle East (Part 1, Part 2) I focused on the threats in Qatar, Iraq and the Palestinian Authority (West Bank and Gaza Strip). In this final part of the series I focus on Israel and Saudi Arabia. The data in this...

The Threat Landscape in the Middle East – Part 2: The Palestinian Authority and Iraq

In the first part of this series on the threat landscape in the Middle East I focused on the threats in Qatar, the location with the largest improvement in malware infection rates in the region.  In this part of the series I focus on the Palestinian Authority and Iraq, the two locations with the highest...

The Threat Landscape in Asia & Oceania – Part 4: Australia and New Zealand

In the first three parts of this series on the threat landscape in Asia and Oceania I examined threats in Vietnam and India (highest malware infection rates in the region), Japan and Korea (very interesting juxtaposition), and Malaysia and Singapore (malware infection rates trending lower).  This final part of the series is on threats found...
