Teams

May 4, 2026

Teams Social Engineering Detection: New Hunting Queries for RMM-Based Attacks

Two new hunting queries detect Teams phishing campaigns that lure victims into launching remote access tools, addressing the Storm-1811 / Black Basta cross-tenant attack pattern. Read More →

February 3, 2026

Microsoft Defender XDR: New Hunting Query for Punycode Lookalike Domain Phishing

Advanced hunting query detects punycode domains using Cyrillic, Greek, and fullwidth ASCII characters to visually impersonate legitimate domains in email and Teams. Read More →

November 21, 2025

Microsoft Teams Security: 9 Additional Hunting Queries for Advanced Threat Detection

Extended Teams protection hunting coverage with queries for partner impersonation, admin submissions, and external sender analysis. Read More →

November 19, 2025

Microsoft Teams Security: 7 New Hunting Queries for URL Threat Detection

New hunting queries added to detect malicious URL clicks, ZAP events, and user submissions in Microsoft Teams. Read More →

Auto-generated content based on the Azure-Sentinel GitHub repo.

Microsoft Sentinel is a trademark of Microsoft Corporation.