Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV

Consider this scenario: Two never-before-seen, heavily obfuscated scripts manage to slip past file-based detection and dynamically load an info-stealing payload into memory. The scripts are part of a social engineering campaign that tricks potential victims into running the scripts, which ... continue reading

Updating your cybersecurity strategy to enable and accelerate digital transformation

This post is authored by Cyril Voisin, Chief Security Advisor, Enterprise Cybersecurity Group. Nowadays every company is becoming a digital company to some extent. Digital transformation changes the way business is done. For example, it puts more control into the ... continue reading

Virtualization-based security (VBS) memory enclaves: Data protection through isolation

The escalating sophistication of cyberattacks is marked by the increased use of kernel-level exploits that attempt to run malware with the highest privileges and evade security solutions and software sandboxes. Kernel exploits famously gave the WannaCry and Petya ransomware remote ... continue reading

Infrastructure + Security: Noteworthy News (April, 2018)

Hi there! Stanislav Belov is here with the next issue of the Infrastructure + Security: Noteworthy News series! As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and tricks from Windows, Azure, ... continue reading

Securing the modern workplace with Microsoft 365 threat protection – part 1

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. The roots of Microsoft 365 threat protection Over the next few weeks, we'll introduce you to Microsoft 365's threat protection services and demonstrate how Microsoft 365's ... continue reading

Why Windows Defender Antivirus is the most deployed in the enterprise

Statistics about the success and sophistication of malware can be daunting. The following figure is no different: Approximately 96% of all malware is polymorphic, meaning that it is only experienced by a single user and device before it is replaced ... continue reading

Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses

Windows Defender Antivirus uses a layered approach to protection: tiers of advanced automation and machine learning models evaluate files to reach a verdict on suspected malware. While Windows Defender AV detects a vast majority of new malware files at first ... continue reading

Defending against ransomware using system design

This post is authored by Michael Melone, Principal Cybersecurity Consultant, Enterprise Cybersecurity Group. Earlier this year, the world experienced a new and highly-destructive type of ransomware. The novel aspects of WannaCry and Petya were not skills as ransomware, but the ... continue reading

Introducing Windows Defender Application Control

Application control is a crucial line of defense for protecting enterprises given today’s threat landscape, and it has an inherent advantage over traditional antivirus solutions. Specifically, application control flips the model from one where all applications are assumed trustworthy by ... continue reading