Navigating cyberthreats and strengthening defenses in the era of AI
02/14/2024Advances in artificial intelligence (AI) present new threats—and opportunities—for cybersecurity. Discover how threat actors use AI to conduct more sophisticated attacks, then review the best practices that help protect against traditional and AI-enabled cyberthreats.
Learn more
Threat Actor Insights
Microsoft Security is actively tracking threat actors across observed nation state, ransomware, and criminal activities. These insights represent publicly published activity from Microsoft Security threat researchers and provide a centralized catalog of actor profiles from the referenced blogs.
Click on a threat actor icon below to learn more.
Share
Share
2023 Microsoft Digital Defense Report
10/05/2023The latest edition of the Microsoft Digital Defense Report explores the evolving threat landscape and walks through opportunities and challenges as we become cyber resilient.
Learn moreBehind the scenes
Security is a team sport. Meet the players.
More than 10,000 defenders worldwide
Microsoft Security’s global network of security and intelligence teams includes engineers, researchers, data scientists, cybersecurity experts, threat hunters, geopolitical analysts, investigators, and frontline responders across 77 countries.
See all expert profiles
Homa Hayatyfar
02/14/2024
Principal Data and Applied Science Manager Homa Hayatyfar describes the use of machine learning models to reinforce defenses, just one of many ways AI is changing the face of security.
Learn more
Fanta Orr
08/31/2023
Threat intelligence expert Fanta Orr explains how threat intelligence analysis uncovers the “why�? behind cyberthreat activity and helps better protect customers who might be vulnerable targets.
Learn more
Expert profile
Homa Hayatyfar
02/14/2024
Principal Data and Applied Science Manager Homa Hayatyfar describes the use of machine learning models to reinforce defenses, just one of many ways AI is changing the face of security.
Learn more
Expert profile
Fanta Orr
08/31/2023
Threat intelligence expert Fanta Orr explains how threat intelligence analysis uncovers the “why�? behind cyberthreat activity and helps better protect customers who might be vulnerable targets.
Learn moreThreat briefs
See All Briefs
Holiday season DDoS defense: Your guide to staying safe
12/07/2023
Discover why distributed denial of service (DDoS) attacks surge between Black Friday and New Year and discover what you can do to help keep your organization safe.
Learn moreReports
See All Reports
10 essential insights from the Microsoft Digital Defense Report 2023
11/08/2023
From the increasing sophistication of nation-state threat actors to the power of partnerships in building cyber resilience, the Microsoft Digital Defense Report reveals the latest threat landscape insights and walks through the opportunities and challenges we all face.
Learn moreMore from Microsoft Security
Staying ahead of threat actors in the age of AI
02/14/2024
Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others. The observed activity includes prompt-injections, attempted misuse of large language models (LLM), and fraud.
Learn moreMidnight Blizzard: Guidance for responders on nation-state attacktication and evasion in ongoing attacks
01/25/2024
The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM.
Learn moreNew TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
01/17/2024
Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States. In this campaign, Mint Sandstorm used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files.
Learn moreFollow Microsoft Security Insider
