Exploit for CVE-2017-8759 detected and neutralized

The September 12, 2017 security updates from Microsoft include the patch for a previously unknown vulnerability exploited through Microsoft Word as an entry vector. Customers using Microsoft advanced threat solutions were already protected against the malicious attachments. The vulnerability, classified ... continue reading

Analyze your Check Point logs with OMS Security

The Security & Compliance solution in the Operations Management Suite (OMS) provides security insights about many sources of security data from Windows and Linux machines, including any source that emits Syslog. Today, we are announcing a new capability, developed by ... continue reading

WannaCrypt attacks: guidance for Operations Management Suite customers

Strengthening the security posture of your infrastructure is critical in protecting against evolving cyber threats. The following steps are recommended to safeguard your resources against the recent WannaCrypt ransomware attack: This recent WannaCrypt malware exploits a Service Message Block (SMB) ... continue reading

Announcing new Adversary Detection and Compromised Recovery services

This post is authored by Berk Veral, Senior Marketing Communication Manager, Enterprise Cybersecurity Group. Perhaps one of the best-kept secrets within Microsoft cybersecurity services is the Global Incident Response and Recovery team. We affectionately call them the “GIRR” team for ... continue reading

Windows Defender ATP thwarts Operation WilySupply software supply chain cyberattack

Several weeks ago, the Windows Defender Advanced Threat Protection (Windows Defender ATP) research team noticed security alerts that demonstrated an intriguing attack pattern. These early alerts uncovered a well-planned, finely orchestrated cyberattack that targeted several high-profile technology and financial organizations ... continue reading

Combating a spate of Java malware with machine learning in real-time

In recent weeks, we have seen a surge in emails carrying fresh malicious Java (.jar) malware that use new techniques to evade antivirus protection. But with our research team’s automated expert systems and machine learning models, Windows 10 PCs get ... continue reading

Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005

On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges. A report from a trusted partner identified a zero-day exploit for this vulnerability. The ... continue reading