RSS Reader for Computer Security Articles
Kovter is a malware family that is well known for being tricky to detect and remove because of its file-less design after infection. Users from United States are nearly exclusively being targeted, and infected PCs are used to perform click-fraud and install additional malware on your machine. Starting April 21, 2016, we observed a large…
Read MoreJavaScript is now being used largely to download malware because it’s easy to obfuscate the code and it has a small size. Most recently, one of the most predominant JavaScript malware that has been spreading other malware is Nemucod. This JavaScript trojan downloads additional malware (such as Win32/Tescrypt and Win32/Crowti – two pervasive ransomware trojans…
Read MoreThis blog introduces our latest report from the Windows Defender Advanced Threat Hunting team. You can read the full report at: PLATINUM: Targeted attacks in South and Southeast Asia There is no shortage of headlines about cybercriminals launching large-scale attacks against organizations. For us, the activity groups that pose the most danger are the ones…
Read MoreIn response to questions we’ve received from the software distribution and monetization industry, and following our blog announcing our browser modifier policy update, we’d like to provide some details on what we refer to in our policy as “changing browsing experience”. For us, “changing browsing experience” means behaviors that modify the content of webpages. We…
Read MoreWe have recently observed that spam campaigns are now using JavaScript attachments aside from Office files. The purpose of the code is straightforward. It downloads and runs other malware. Some of the JavaScript downloaders that we’ve seen are: TrojanDownloader:JS/Swabfex TrojanDownloader:JS/Nemucod TrojanDownloader:JS/Locky The same JavaScript downloaders are also responsible for spreading the following ransomware: Ransom:Win32/Tescrypt Ransom:Win32/Locky…
Read MoreAs part of our ongoing effort to provide better malware protection, the Microsoft Malicious Software Removal Tool (MSRT) release this April will include detections for: Win32/Bedep – Trojan family Win32/Upatre – Trojan family Ransom:MSIL/Samas – Ransomware family In this blog, we’ll focus on the Bedep family of trojans. The bothersome Bedep Win32/Bedep was first…
Read MoreSince we published the Keeping Browsing Experience in Users’ Hands blog in December 2015, we’ve received feedback from the ecosystem and engaged in discussions with the industry. Based on those discussions and feedback, we are making a couple of updates. We are broadening the scope of the evaluation criteria we blogged about to state: Programs…
Read MoreMacro-based malware is on the rise and we understand it is a frustrating experience for everyone. To help counter this threat, we are releasing a new feature in Office 2016 that blocks macros from loading in certain high-risk scenarios. Macro-based malware infection is still increasing Macro-based malware continues its rise. We featured macro-based malware…
Read More