Microsoft has published the latest edition of its Security Intelligence Report. The paper, which offers threat assessments on malware, exploits, and other data attacks, includes a section on how it is trying to protect its cloud services like Azure.


Microsoft publishes this report every six months and the latest edition, Volume 20 (via Neowin) includes data collected from the second half of 2015. Microsoft revealed that its cloud services such as Azure and logins from its hundreds of millions of customers allow it to "gather an enormous amount of intelligence on malicious behavior".

The report stated:

Win32/Gamarue, the most commonly encountered malware family in 2H15, is a worm that is commonly distributed via exploit kits and social engineering. Gamarue was especially prevalent in southeast Asia and the Middle East, and was rarely detected in North America and western Europe.

The new report also has details on a new malicious data group centered in Asia, which Microsoft has given the code name "PLATINUM":

This group has conducted several cyber espionage campaigns since 2009, focusing on targets associated with governments and related organizations in southeast Asia. This information can help you understand mitigations that can significantly reduce the risks that organizations face from such groups.