Microsoft Threat Intelligence – Computer Security Articles

Our commitment to our customers’ security

January 23, 2017 admin Advanced persistent threats, Antimalware research for IT pros and enthusiasts, Coordinated Malware Eradication, CVE-2016-7855, Elevation of privileges, Exploits, Microsoft Edge, Microsoft Edge on Windows 10, Microsoft Threat Intelligence, Microsoft's post-breach detection approach, post-breach, STRONTIUM APT, Terry Myerson's blog, Windows 10, Windows Defender ATP, Windows Defender ATP detects STRONTIUM

This guest blog post is by Terry Myerson / Executive Vice President, Windows and Devices Group Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible. And we take this responsibility very seriously. Recently, the activity group that Microsoft Threat Intelligence calls STRONTIUM…

Microsoft Security

Reverse engineering DUBNIUM –Stage 2 payload analysis

January 23, 2017 admin Advanced Persistent Threat, Advanced persistent threats, Antimalware research for IT pros and enthusiasts, DUBNIUM APT, DUBNIUM infection chain, DUBNIUM payload, Microsoft Threat Intelligence

Recently, we blogged about the basic functionality and features of the DUBNIUM advanced persistent threat (APT) activity group Stage 1 binary and Adobe Flash exploit used during the December 2015 incident (Part 1, Part 2). In this blog, we will go through the overall infection chain structure and the Stage 2 executable details. Stage 2 executables…