December 13, 2022

IIS modules: The evolution of web shells and how to detect them 

Web exploitation and web shells are some of the most common entry points in the current threat landscape. Web servers provide an external avenue directly into […]
November 17, 2022

Token tactics: How to prevent, detect, and respond to cloud token theft

As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources […]
November 3, 2022

Microsoft Security tips for mitigating risk in mergers and acquisitions

Sixty-two percent of organizations that undertake mergers and acquisitions face significant cybersecurity risks or consider cyber risks their biggest concern post-acquisition.1 Threat actors that focus on […]
October 19, 2022

Defenders beware: A case for post-ransomware investigations

Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add […]
October 19, 2022

Defenders beware: A case for post-ransomware investigations

Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add […]
September 22, 2022

The art and science behind Microsoft threat hunting: Part 2

We discussed Microsoft Detection and Response Team’s (DART) threat hunting principles in part 1 of The art and science behind Microsoft threat hunting blog series. In […]