Defender - 1

2026 (2)

April (1)

security: Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook

Microsoft Security Blog

2026-04-18

Threat actors are using external Microsoft Teams collaboration to impersonate IT helpdesk staff, trick users into granting remote access, and then abuse legitimate tools and admin protocols for lateral movement and data exfiltration. Microsoft Defender can help detect this activity across Teams, endpoint, and identity telemetry.

March (1)

security: From transparency to action: What the latest Microsoft email security benchmark reveals

Microsoft Security Blog

2026-03-12

Microsoft published a blog post about its latest email security benchmarking data, comparing Microsoft Defender’s mitigation of modern email threats against SEG and ICES vendors. The post says the benchmark is intended to move from transparency to action.