Select Page

Move away from passwords, deploy Windows Hello. Today!

Something we understood from the very beginning with Windows Hello for Business is our customers would approach Windows 10 in a series of phases. The first phase is to simply deploy the platform itself. From there, additional phases would follow ... continue reading
Stopping ransomware where it counts: Protecting your data with Controlled folder access

Stopping ransomware where it counts: Protecting your data with Controlled folder access

Windows Defender Exploit Guard is a new set of host intrusion prevention capabilities included with Windows 10 Fall Creators Update. One of its features, Controlled folder access, stops ransomware in its tracks by preventing unauthorized access to your important files ... continue reading
Browser security beyond sandboxing

Browser security beyond sandboxing

Security is now a strong differentiator in picking the right browser. We all use browsers for day-to-day activities like staying in touch with loved ones, but also for editing sensitive private and corporate documents, and even managing our financial assets ... continue reading
Exploit for CVE-2017-8759 detected and neutralized

Exploit for CVE-2017-8759 detected and neutralized

The September 12, 2017 security updates from Microsoft include the patch for a previously unknown vulnerability exploited through Microsoft Word as an entry vector. Customers using Microsoft advanced threat solutions were already protected against the malicious attachments. The vulnerability, classified ... continue reading
Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

In the first six months of 2017, ransomware threats reached new levels of sophistication. The same period also saw the reversal of a six-month downward trend in ransomware encounters. New ransomware code was released at a higher rate with increasing ... continue reading

Microsoft to remove WoSign and StartCom certificates in Windows 10

Microsoft has concluded that the Chinese Certificate Authorities (CAs) WoSign and StartCom have failed to maintain the standards required by our Trusted Root Program. Observed unacceptable security practices include back-dating SHA-1 certificates, mis-issuances of certificates, accidental certificate revocation, duplicate certificate ... continue reading
Links in phishing-like emails lead to tech support scam

Links in phishing-like emails lead to tech support scam

Tech support scams continue to evolve, with scammers exploring more ways to reach potential victims. Recently, we have observed spam campaigns distributing links that lead to tech support scam websites. Anti-spam filters in Microsoft Exchange Online Protection (EOP) for Office ... continue reading
Windows Defender ATP machine learning: Detecting new and unusual breach activity

Windows Defender ATP machine learning: Detecting new and unusual breach activity

Microsoft has been investing heavily in next-generation security technologies. These technologies use our ability to consolidate large sets of data and build intelligent systems that learn from that data. These machine learning (ML) systems flag and surface threats that would ... continue reading
Windows Defender Antivirus instant protection from the cloud

Windows Defender Antivirus cloud protection service: Advanced real-time defense against never-before-seen malware

For cybercriminals, speed is the name of the game. It takes newly released malware an average of just four hours to achieve its goal—steal financial information, extort money, or cause widespread damage. In a recent report, the Federal Trade Commission ... continue reading
Figure 1: Windows Defender ATP detection of Kovter performing process hollowing on regsvr32.exe using mshta.exe

Detecting stealthier cross-process injection techniques with Windows Defender ATP: Process hollowing and atom bombing

Advanced cyberattacks emphasize stealth and persistence: the longer they stay under the radar, the more they can move laterally, exfiltrate data, and cause damage. To avoid detection, attackers are increasingly turning to cross-process injection. Cross-process injection gives attackers the ability ... continue reading