antimalware – Computer Security Articles

8 tips to avoid a spyware attack

April 12, 2018 admin Adware, antimalware, antispyware, browser sandbox, Hacker, malware, popup ads, spyware, Tips

Credit to Author: Rajiv Singha| Date: Thu, 12 Apr 2018 10:30:45 +0000

Spyware refers to software that spy on your Internet browsing activities, record keystrokes, and collect almost any type of data including your personal information such as credit/debit card or banking details, login IDs and passwords. In this post, we share 8 tips to avoid a spyware attack and keep your…

Kaspersky Security

Updating antimalware solutions in industrial control systems

February 7, 2018 admin antimalware, Business, ICS, Updates

Credit to Author: Matvey Voytov| Date: Wed, 07 Feb 2018 16:01:26 +0000

How can we keep antimalware solutions up to date without compromising the ICS environment?

Microsoft Security

Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses

January 16, 2018 admin anti-virus software, antimalware, Antivirus, antivirus software, bad rabbit, cybersecurity, machine learning, Next-gen antivirus, Security Intelligence

Credit to Author: Windows Defender ATP| Date: Mon, 11 Dec 2017 13:58:06 +0000

Windows Defender Antivirus uses a layered approach to protection: tiers of advanced automation and machine learning models evaluate files in order to reach a verdict on suspected malware. While Windows Defender AV detects a vast majority of new malware files at first sight, we always strive to further close the gap between malware release and

Microsoft Security

Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)

January 16, 2018 admin Andromeda, anti-virus software, antimalware, Antivirus, antivirus software, Bot, Botnet, botnet takedown, cybersecurity, Digital Crimes Unit, Gamarue, malware research, research, Security Intelligence, Security Response, Windows 10, Windows Defender Antivirus, Windows Defender ATP, Windows Defender AV

Credit to Author: Windows Defender ATP| Date: Mon, 04 Dec 2017 23:06:44 +0000

Today, with help from Microsoft security researchers, law enforcement agencies around the globe, in cooperation with Microsoft Digital Crimes Unit (DCU), announced the disruption of Gamarue, a widely distributed malware that has been used in networks of infected computers collectively called the Andromeda botnet. The disruption is the culmination of a journey that started in

Microsoft Security

No payment necessary: Fighting back against ransomware

January 23, 2017 admin Advanced persistent threats, antimalware, Antimalware research for IT pros and enthusiasts, Coordinated Malware Eradication, enterprise software security, malware research, microsoft, Microsoft Edge, MMPC, Product features and announcements, ransomware, research, Windows 10, Windows Defender, Windows Defender ATP, Windows Defender for Windows 10

Any IT professional who’s ever had an experience with malware knows how fast an intrusive attack can happen, and how difficult it can be to educate employees to be vigilant against such threats. And with ransomware attacks only growing, having information, tools and technologies to help protect your network can mean the difference between serious…

Microsoft Security

Fake fax ushers in revival of a ransomware family

January 23, 2017 admin antimalware, Antimalware research for IT pros and enthusiasts, Crimace, enterprise software security, fake fax, malware research, microsoft, Microsoft Edge, MMPC, Ransom:Win32/WinPlock.B, ransomware, research, spam, Trojan, TrojanDownloader:JS/Crimace.A, Windows 10, Windows Defender, Windows Defender for Windows 10, WinPlock

“Criminal case against you” is a message that may understandably cause panic. That’s what a recent spam campaign hopes happens, increasing the likelihood of recipients opening the malicious attachment. We recently discovered a new threat that uses email messages pretending to be fax messages, but in truth deliver a ransomware downloader. The attachment used in this…

Microsoft Security

Malicious macro using a sneaky new trick

January 23, 2017 admin antimalware, Antimalware research for IT pros and enthusiasts, Donoff, guidance, Locky, macro, Macro-based malware, malware, malware research, office, ransomware, Social engineering, VBA, VBAscript, Windows 10, Windows Defender, Word

We recently came across a file (ORDER-549-6303896-2172940.docm, SHA1: 952d788f0759835553708dbe323fd08b5a33ec66) containing a VBA project that scripts a malicious macro (SHA1: 73c4c3869304a10ec598a50791b7de1e7da58f36). We added it under the detection TrojanDownloader:O97M/Donoff – a large family of Office-targeting macro-based malware that has been active for several years (see our blog category on macro-based malware for more blogs). However, there wasn’t…

Microsoft Security

No mas, Samas: What’s in this ransomware’s modus operandi?

January 23, 2017 admin antimalware, Credential Guard for Windows 10 Enterprise, cybersecurity, Device Guard for Windows 10 Enterprise, Disable macro, Disable macro in Office, enterprise software security, Java-based vulnerabilities, JBOSS, Lateral account movement security, Macro-based malware, microsoft, Microsoft Passport, New ransomware, Outdated JBOSS, Ransom:MSIL/Samas, ransomware, Ransomware modus operandi, Redhat, Samas ransomware, Samas ransomware geographical distribution, Samas ransomware geoloc_, Samas ransomware infection chain, Secure your code integrity, Securing Lateral Account Movement, Windows 10, Windows Defender, Windows Defender blogs for home users and small businesses, Windows Defender for Windows 10, Windows Hello

We’ve seen how ransomware managed to become a threat category that sends consumers and enterprise reeling when it hits them. It has become a high-commodity malware that is used as payload to spam email, macro malware, and exploit kit campaigns. It also digs onto victims’ pockets in exchange for recovering files from their encrypted form. …