Imposter for hire: How fake people can gain very real access
Fake employees are an emerging cybersecurity threat.
-
-
SesameOp: Novel backdoor uses OpenAI Assistants API for command and control
Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) as a mechanism for command-and-control (C2) communications. -
Retail at risk: How one alert uncovered a persistent cyberthreat
In the latest edition of our Cyberattack Series, we dive into real-world cases targeting retail organizations. -
StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
Microsoft Incident Response uncovered a novel remote access trojan (RAT) named StilachiRAT, which demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data. -
Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series
Find out how a cyberattack by Storm-2077 was halted faster because the Microsoft Incident Response team is both proactive and reactive at the same time. -
The art and science behind Microsoft threat hunting: Part 3
In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios. -
How to boost your incident response readiness
Discover key steps to bolster incident response readiness, from disaster recovery plans to secure deployments, guided by insights from the Microsoft Incident Response team. -
Microsoft Incident Response tips for managing a mass password reset
When an active incident leaves systems vulnerable, a mass password reset may be the right tool to restore security. -
New Microsoft Incident Response guide helps simplify cyberthreat investigations
Discover how to fortify your organization’s cybersecurity defense with this practical guide on digital forensics from Microsoft’s Incident Response team. -
How Microsoft Incident Response and Microsoft Defender for Identity work together to detect and respond to cyberthreats
Learn how Microsoft Incident Response works together with Microsoft Defender for Identity to give customers fast, flexible service—before, during, or after a cybersecurity incident occurs. -
New Microsoft Incident Response guides help security teams analyze suspicious activity
Access the first two cloud investigation guides from Microsoft Incident Response to improve triage and analysis of data in Microsoft 365 and Microsoft Entra ID. -
New Microsoft Incident Response team guide shares best practices for security teams and leaders
The Microsoft Incident Response team shares a downloadable, interactive, people-centric, guide to effective incident response.
