Security news aggregator

Latest coverage for Threat Intelligence

Threat intelligence is analyzed information about cyber threats that helps defenders assess risk, prioritize action, and improve security controls.

94 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Threat intelligence is analyzed information about adversaries, their capabilities, targets, infrastructure, and methods, used to support security decisions. It can describe broad trends for leadership, likely actors and campaigns for defenders, or actionable details such as malicious domains, file hashes, vulnerabilities, and tactics, techniques, and procedures (TTPs). Practitioners obtain it from internal investigations, public reporting, telemetry, information-sharing communities, and other sources, then assess its reliability, relevance, and age.

Security teams use threat intelligence to prioritize vulnerability remediation, tune detection rules, investigate suspicious activity, and prepare incident-response playbooks. TTP-based intelligence generally remains useful longer than individual indicators, which can become obsolete or be changed by an attacker. Poorly sourced or context-free intelligence can create false positives, waste analyst time, or lead to unjustified attribution and defensive action. Collection and sharing may also expose sensitive organizational or personal information, so access controls, provenance, retention, and applicable privacy or legal requirements matter.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 94 Filtered view
Microsoft Security Research 2 days, 19 hours ago

Turning threat intelligence into decisive action with Defender Experts

Security teams have never had more visibility, yet rarely have they felt more uncertain. Signal pours in from endpoints, identities, cloud workloads, and a sprawling mix of third-party tools. The post Turning threat intelligence into decisive action with Defender Experts appeared first on Microsoft Security Blog.

AI security agents are starting to influence real security decisions. They summarize findings, prioritize remediation, recommend next steps, and help teams move faster. But most still rely on fragmented risk signals: scanner output, severity scores, threat intelligence, configuration findings, and exposure data

Microsoft Security Research 4 days, 13 hours ago

Defending SaaS-based applications against ShinyHunters OAuth abuse

Microsoft Threat Intelligence identified threat actor activity with overlapping tradecraft commonly associated with ShinyHunters, including voice phishing (vishing), supply-chain compromise, and misconfigured guest access targeting SaaS-based applications. The post Defending SaaS-based applications against ShinyHunters OAuth abuse appeared first on Microsoft Security Blog.

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in Europe and Asia. The campaign uses photo-themed ZIP archives and fake image shortcut files to deliver a persistent Node.js implant and evade detection. The post Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access appeared first on Microsoft Security Blog.

Bank Info Security 1 month, 1 week ago

Ex-Threat Intel Exec Accuses IBM and AT&T of Hiding Hacks

IBM False Claims Act Plaintiff Alleges Years of Hidden Security FailuresA former IBM vice president of threat intelligence alleged IBM and AT&T failed to implement basic security controls and obtained major government contracts despite unresolved cybersecurity deficiencies that potentially exposed sensitive federal data.

Bank Info Security 3 months, 3 weeks ago

Beyond Intel Sharing: The Push Toward Cyber Disruption

Google Threat Intelligence's Sandra Joyce on AI Threats and Active DefenseSharing threat intelligence is no longer enough - the cybersecurity industry must operationalize it through coordinated takedowns and active disruption, says Sandra Joyce, vice president at Google Threat Intelligence.

Crims 'will do what gets them their objective easiest and fastest,' Microsoft threat intel boss tells The Reg interview AI agents allow cybercriminals and nation-state hackers to outsource the "janitorial-type work" needed to plan and carry out cyberattacks, according to Sherrod DeGrippo, Microsoft's GM of global threat intelligence. North Korea is taking advantage.…

Bank Info Security 5 months, 2 weeks ago

Barracuda CEO Bets on AI, Simplicity for Midmarket Defense

CEO Rohit Ghai Emphasizes Platform Depth, Threat Intel and AI-Powered SimplicityRohit Ghai, the new CEO of Barracuda, is leading a push to protect midmarket and resource-constrained businesses through a deeply integrated platform powered by AI. He says ease of use, human-led threat intelligence and modular deployment are essential to meeting their cybersecurity needs.

Bank Info Security 5 months, 2 weeks ago

Outtake Gets $40M to Grow Automated Threat Response

Agents Fuel Digital Risk Protection, Open-Source Intel Adoption in Regulated SpacesOuttake will invest $40 million to grow its automated platform for digital risk protection and open-source threat intelligence. CEO Alex Dhillon says the New York-based startup's agent-led model stands apart by replacing manual labor with scalable AI workflows.

Loading more headlines...