"Open-Sourcing New COVID-19 Threat Intelligence"
Cybercriminals have been taking advantage of the coronavirus pandemic to attack individuals and companies. Recent reports have highlighted the rise in ransomware and phishing attacks based on COVID-19 information. In response to the increased exploitation of the global threat in recent cyberattacks, Microsoft has decided to open-source its coronavirus threat intelligence to help businesses and security researchers develop better solutions for safeguarding, detecting, and defending against COVID-19 themed attacks. Microsoft's list of coronavirus-related attack indicators comes from trillions of signals processed each day. These signals are generated across cloud services, applications, emails, and more. Customers who use Microsoft Threat Protection (MTP) through Defender Advanced Threat Protection (ATP) and email with Office 365 ATP are already protected against threats identified by the indicators. The list of new indicators will still be made available to those not protected by MTP. This information is available in the Azure Sentinel GitHub and through the Microsoft Graph Security API. This article continues to discuss the importance of sharing threat information, Microsoft's open-sourcing of new COVID-19 threat intelligence, how this information can be accessed, and the use of such intelligence by the security community.
Microsoft reports "Open-Sourcing New COVID-19 Threat Intelligence"