Content by Microsoft Threat Intelligence (12)
Microsoft Threat Intelligence analyzes how North Korean groups and other threat actors leverage AI to accelerate the entire cyberattack lifecycle. The report explores attack methods, operational trends, and defense strategies powered by Microsoft's security ecosystem.
Microsoft Threat Intelligence, led by its Digital Crimes Unit, exposes the RedVDS criminal infrastructure that enabled widespread cyberattacks. The report offers technical insights, tracked malware tools, and recommended mitigations for security professionals.
Microsoft Threat Intelligence investigates an uptick in phishing campaigns abusing complex mail routing and misconfigured spoof protections, detailing detection, real-world attack methods, and robust mitigation guidance.
Microsoft Threat Intelligence outlines the evolving threat activity targeting Azure Blob Storage, mapping the full attack chain and providing actionable defense strategies for cloud security teams.
Microsoft Threat Intelligence details how Storm-2657 targets university employees to hijack payroll accounts, using phishing and SaaS compromise techniques. The report by Microsoft exposes tactics and offers actionable security guidance.
Microsoft Threat Intelligence offers a comprehensive examination of threats targeting Microsoft Teams, outlining the strategies attackers use and providing practical mitigation steps to improve organizational security.
Microsoft Threat Intelligence details the exploitation of CVE-2025-10035 in GoAnywhere MFT by Storm-1175, sharing technical analysis, detection methods, and guidance for mitigation and protection.
Microsoft Threat Intelligence presents a technical analysis of the latest XCSSET malware variant targeting macOS developers via Xcode projects. Authored by the Microsoft Threat Intelligence team, this deep-dive highlights infection stages, persistence, and defense tactics.
Microsoft Threat Intelligence reveals how AI-generated code was used in a credential phishing campaign and explains detection and defense approaches to combat these advanced threats.
Microsoft Threat Intelligence delivers a comprehensive technical breakdown of PipeMagic, a modular backdoor leveraged by Storm-2460, focusing on its architecture, exploitation methods, and mitigation strategies for security professionals.
In this technical breakdown by Microsoft Threat Intelligence, authors Jonathan Bar Or, Alexia Wilson, and Christine Fossaceca uncover and analyze the new macOS Spotlight-based TCC vulnerability, CVE-2025-31199, and discuss its security and remediation implications.
Microsoft Threat Intelligence reports on recent attacks exploiting SharePoint vulnerabilities, with actionable defense steps for organizations. This summary highlights author guidance for defenders and SharePoint administrators facing these advanced threats.