Apr 18, 2023 · A mature subgroup of Mint Sandstorm is weaponizing N-day vulnerabilities in apps & conducting phishing campaigns to access environments.

May 14, 2026 · Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of …

Jan 25, 2024 · Microsoft detected a nation-state attack on our corporate systems and immediately activated response process to disrupt and mitigate.

Apr 16, 2026 · Microsoft Threat Intelligence identified a campaign beginning in early 2026 by North Korean state actor Sapphire Sleet demonstrating new combinations of macOS-focused execution …

Jul 31, 2025 · Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard that has been ongoing since at least 2024, targeting …

Security information and event management (SIEM) is a security solution that collects data and analyzes activity to support threat protection for organizations.

Feb 6, 2025 · Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla …

Oct 25, 2021 · Learn about targets and methods used by today’s nation-state threat actors, and how your organization can create a more secure environment.

Explore threat intelligence reports on nation-state, cybercrime, and threat actors based on trillions of signals analyzed by Security Insider researchers.

May 27, 2025 · Microsoft Threat Intelligence has discovered a cluster of worldwide cloud abuse activity conducted by a threat actor we track as Void Blizzard, who we assess with high confidence is Russia …