Tackling phishing with signal-sharing and machine learning

Credit to Author: Windows Defender Research| Date: Wed, 19 Dec 2018 16:00:11 +0000

Across services in Microsoft Threat Protection, the correlation of security signals enhances the comprehensive and integrated security for identities, endpoints, user data, cloud apps, and infrastructure. Our industry-leading visibility into the entire attack chain translates to enriched protection thats evident in many different attack scenarios, including flashy cyberattacks, massive malware campaigns, and even small-scale, localized

Read more

The post Tackling phishing with signal-sharing and machine learning appeared first on Microsoft Secure.

Read more

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Credit to Author: Windows Defender ATP| Date: Mon, 03 Dec 2018 16:00:10 +0000

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted public sector institutions and non-governmental organizations like think tanks and research centers, but also included

Read more

The post Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers appeared first on Microsoft Secure.

Read more

Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets

Credit to Author: Windows Defender ATP| Date: Thu, 08 Nov 2018 18:08:13 +0000

Our analysis of a targeted attack that used a language-specific word processor shows why its important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns. The attack exploited a vulnerability in InPage, a word processor software for specific languages like Urdu, Persian, Pashto, and Arabic. More than 75% of

Read more

The post Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets appeared first on Microsoft Secure.

Read more

Enhancing Office 365 Advanced Threat Protection with detonation-based heuristics and machine learning

Credit to Author: Windows Defender ATP| Date: Thu, 10 May 2018 16:00:09 +0000

Email, coupled with reliable social engineering techniques, continues to be one of the primary entry points for credential phishing, targeted attacks, and commodity malware like ransomware and, increasingly in the last few months, cryptocurrency miners. Office 365 Advanced Threat Protection (ATP) uses a comprehensive and multi-layered solution to protect mailboxes, files, online storage, and applications

Read more

Read more