Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses

Security
Windows Defender Antivirus uses a layered approach to protection: tiers of advanced automation and machine learning models evaluate files to reach a verdict on suspected malware. While Windows Defender AV detects a vast majority of new malware files at first ... continue reading
Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)

Security
Today, with help from Microsoft security researchers, law enforcement agencies around the globe, in cooperation with Microsoft Digital Crimes Unit (DCU), announced the disruption of Gamarue, a widely distributed malware that has been used in networks of infected computers collectively ... continue reading
Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’

Security
Scripts are becoming the weapon of choice of sophisticated activity groups responsible for targeted attacks as well as malware authors who indiscriminately deploy commodity threats. Scripting engines such as JavaScript, VBScript, and PowerShell offer tremendous benefits to attackers. They run ... continue reading
New tech support scam launches communication or phone call app

Security
A new tech support scam technique streamlines the entire scam experience, leaving potential victims only one click or tap away from speaking with a scammer. We recently found a new tech support scam website that opens your default communication or ... continue reading

#AVGater vulnerability does not affect Windows Defender Antivirus, MSE, or SCEP

Security
On November 10, 2017, a vulnerability called #AVGater was discovered affecting some antivirus products. The vulnerability requires a non-administrator-level account to perform a restore of a quarantined file. Windows Defender Antivirus and other Microsoft antimalware products, including System Center Endpoint ... continue reading
Detecting reflective DLL loading with Windows Defender ATP

Security
Today's attacks put emphasis on leaving little, if any, forensic evidence to maintain stealth and achieve persistence. Attackers use methods that allow exploits to stay resident within an exploited process or migrate to a long-lived process without ever creating or ... continue reading
Mitigating and eliminating info-stealing Qakbot and Emotet in corporate networks

Security
The threat to information is greater than ever, with data breaches, phishing attacks, and other forms of information theft like point-of-sale malware and ATM hacks becoming all too common in today's threat landscape. Information-stealing trojans are in the same category ... continue reading
Stopping ransomware where it counts: Protecting your data with Controlled folder access

Security
Windows Defender Exploit Guard is a new set of host intrusion prevention capabilities included with Windows 10 Fall Creators Update. One of its features, Controlled folder access, stops ransomware in its tracks by preventing unauthorized access to your important files ... continue reading
Browser security beyond sandboxing

Security
Security is now a strong differentiator in picking the right browser. We all use browsers for day-to-day activities like staying in touch with loved ones, but also for editing sensitive private and corporate documents, and even managing our financial assets ... continue reading