sLoad launches version 2.0, Starslord

Credit to Author: Eric Avena | Date: Tue, 21 Jan 2020 18:00:39 +0000

sLoad has launched version 2.0. With the new version, sLoad, which is a PowerShell-based Trojan downloader notable for its almost exclusive use of the Windows BITS service for malicious activities, has added an anti-analysis trick and the ability to track the stage of infection for every affected machine.

The post sLoad launches version 2.0, Starslord appeared first on Microsoft Security.


Rethinking cyber scenarios—learning (and training) as you defend

Credit to Author: Elizabeth Wolk | Date: Tue, 14 Jan 2020 17:00:55 +0000

Gamified cybersecurity learning is an increasingly important must-have in your SecOps program, from understanding basic concepts all the way into advanced attacker and defense scenarios. Microsoft and Circadence are working together to democratize and scale cyber readiness globally.

The post Rethinking cyber scenarios—learning (and training) as you defend appeared first on Microsoft Security.


Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks

Credit to Author: Eric Avena | Date: Wed, 18 Dec 2019 18:00:24 +0000

Microsoft Defender ATP data scientists and threat hunters collaborate to use a data science-driven approach to detecting RDP brute force attacks to protect customers against real-world threats.

The post Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks appeared first on Microsoft Security.


Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities

Credit to Author: Eric Avena | Date: Thu, 12 Dec 2019 17:30:26 +0000

Many of today’s threats evolve to incorporate as many living-off-the-land techniques as possible into the attack chain. The PowerShell-based downloader Trojan known as sLoad, however, puts all its bets on BITS. Background Intelligent Transfer Service (BITS) is a component of the Windows operating system that provides an ability to transfer files in an asynchronous and…

The post Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities appeared first on Microsoft Security.


GALLIUM: Targeting global telecom

Credit to Author: Todd VanderArk | Date: Thu, 12 Dec 2019 17:00:10 +0000

Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers.

The post GALLIUM: Targeting global telecom appeared first on Microsoft Security.


The quiet evolution of phishing

Credit to Author: Eric Avena | Date: Wed, 11 Dec 2019 17:00:56 +0000

In 2019, we saw phishing attacks reach new levels of creativity and sophistication. Read about the most notable phishing techniques we spotted in the past year.

The post The quiet evolution of phishing appeared first on Microsoft Security.


Insights from one year of tracking a polymorphic threat

Credit to Author: Eric Avena | Date: Tue, 26 Nov 2019 17:00:56 +0000

We discovered the polymorphic threat Dexphot in October 2018. In the months that followed, we closely tracked the threat as attackers upgraded the malware, targeted new processes, and worked around defensive measures. One year’s worth of intelligence helped us gain insight into the goals and motivations not only of Dexphot’s authors, but of cybercriminals in general.

The post Insights from one year of tracking a polymorphic threat appeared first on Microsoft Security.


Rethinking cyber learning—consider gamification

Credit to Author: Todd VanderArk | Date: Mon, 25 Nov 2019 17:00:55 +0000

Gamified cybersecurity solutions offer immense promise by giving users practical, hands-on opportunities to learn by doing. Microsoft and Circadence are partnering to deliver Azure-hosted cyber range learning solutions for beginners up to advanced SecOps pros. Gamification is an increasingly important way for enterprises to attract tomorrow’s cyber pro talent and create tailored learning and more defined career paths and progression.

The post Rethinking cyber learning—consider gamification appeared first on Microsoft Security.
