Select Page
Virtualization-based security (VBS) memory enclaves: Data protection through isolation

Virtualization-based security (VBS) memory enclaves: Data protection through isolation

The escalating sophistication of cyberattacks is marked by the increased use of kernel-level exploits that attempt to run malware with the highest privileges and evade security solutions and software sandboxes. Kernel exploits famously gave the WannaCry and Petya ransomware remote ... continue reading
Securing the modern workplace with Microsoft 365 threat protection – part 4

Securing the modern workplace with Microsoft 365 threat protection – part 4

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. Responding to ransomware in the Modern Workplace Over the last few weeks, we have shared the roots of Microsoft 365 threat protection and how Microsoft 365 ... continue reading
Securing the modern workplace with Microsoft 365 threat protection – part 3

Securing the modern workplace with Microsoft 365 threat protection – part 3

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. Detecting ransomware in the modern workplace Over the last two weeks, we have shared with you the roots of Microsoft 365 threat protection and how Microsoft ... continue reading
CredSSP, RDP and Raven

CredSSP, RDP and Raven

Welcome to another addition of AskPFEPlat, this is Paul Bergson and Graeme Bray bringing up the topic of CredSSP when in use with the Remote Desktop Protocol. This topic became an internal discussion around Premier Field Engineering and customers like ... continue reading
Securing the modern workplace with Microsoft 365 threat protection – part 2

Securing the modern workplace with Microsoft 365 threat protection – part 2

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. Protecting the modern workplace against Ransomware Last week, we shared the roots of Microsoft 365 threat protection. This week, we want to share how Microsoft 365 ... continue reading
Securing the modern workplace with Microsoft 365 threat protection – part 1

Securing the modern workplace with Microsoft 365 threat protection – part 1

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. The roots of Microsoft 365 threat protection Over the next few weeks, well introduce you to Microsoft 365s threat protection services and demonstrate how Microsoft 365s ... continue reading
Microsoft Security Intelligence Report volume 23 is now available

Microsoft Security Intelligence Report volume 23 is now available

As security incidents and events keep making headlines, Microsoft is committed to helping our customers and the rest of the security community to make sense of the risks and offer recommendations. Old and new malware continues to get propagated through ... continue reading
Invisible resource thieves: The increasing threat of cryptocurrency miners

Invisible resource thieves: The increasing threat of cryptocurrency miners

The surge in Bitcoin prices has driven widescale interest in cryptocurrencies. While the future of digital currencies is uncertain, they are shaking up the cybersecurity landscape as they continue to influence the intent and nature of attacks. Cybercriminals gave cryptocurrencies ... continue reading
Figure 1: Windows Defender ATP machine timeline view with Windows Defender Exploit Guard event

Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign

Just before noon on March 6 (PST), Windows Defender AV blocked more than 80,000 instances of several sophisticated trojans that exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods. Behavior-based signals coupled with cloud-powered machine learning models uncovered this ... continue reading

Retire Those Old Legacy Protocols

Hello Paul Bergson back again, and I wanted to bring up another security topic. There has been a lot of work by enterprises to protect their infrastructure with patching and server hardening, but one area that is often overlooked when ... continue reading