This is the Trace Id: 6cd17ba099e80ea8388358bd10a287e1

Threat trends

A hill with cogs and other parts of a machine in the background

Ransomware

Discover what makes ransomware one of the most prevalent threats
Ransomware-as-a-service (RaaS) Incident response playbook for ransomware Microsoft defense against ransomware
Chart showing three types of fileless threats

Identity-based attacks

Learn about the different techniques threat actors are using to attack identities and gain access to resources
Adversary-in-the-middle (AiTM) Token theft Password spray attacks
Windows Defender ATP shown with several icons representing its security capabilities

Business email compromise (BEC)

Identify BEC attacks and learn how to protect organizations from this threat
Understand how BEC works Detect and mitigate a BEC campaign Disrupt BEC attacks

Threat actor updates

A hill with cogs and other parts of a machine in the background

Nation-state threat actors

Nation-state threat actors launch cyber operations that are often focused on collecting data on their targets
Blizzard threat actors Sandstorm threat actors Typhoon threat actors
Chart showing three types of fileless threats

Financially motivated threat actors

Cybercriminals continue to enhance their tools and techniques to maximize the impact of their campaigns, including ransomware and identity theft 
Octo Tempest Storm-0501 Other financially motivated actors
Windows Defender ATP shown with several icons representing its security capabilities

Nation-state influence operations

Nation-states launch influence operations to sway public perception and sentiment, sow discord, and undermine trust in public institutions
Russian influence operations Iranian influence operations Chinese influence operations
Industrial operator with computing devices that can be affected by malware

Threat actor spotlight: Sleet actors

Learn about the latest activity associated with North Korean threat actors
Sleet threat actors
Security Operations Center personnel responding to security incidents

Microsoft threat actor naming taxonomy

Learn about how Microsoft names threat actors 
Complete list of threat actor categories
Aerial shot of Chicago showing buildings that represent businesses that should be protected

Threat actors using AI

Learn about emerging threats in the age of AI, focusing on identified activity associated with known threat actors
How threat actors are using AI in their campaigns

Follow us