script-based attacks – Computer Security Articles

Now you see me: Exposing fileless malware

January 24, 2018 admin cybersecurity, fileless malware, malware research, Powershell, Reflective DLL loading, research, script-based attacks, Windows 10, Windows 10 S, Windows Defender Antivirus, Windows Defender ATP, Windows Defender AV, Windows Defender Exploit Guard

Credit to Author: Windows Defender ATP| Date: Wed, 24 Jan 2018 14:00:21 +0000

Attackers are determined to circumvent security defenses using increasingly sophisticated techniques. Fileless malware boosts the stealth and effectiveness of an attack, and two of last years major ransomware outbreaks (Petya and WannaCry) used fileless techniques as part of their kill chains. The idea behind fileless malware is simple: If tools already exist on a device

Microsoft Security

Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’

January 16, 2018 admin Antimalware Scan Interface (AMSI), Antivirus, antivirus software, Cloud Computing, cybersecurity, Fall Creators Update, fileless malware, in-memory attacks, Intelligent Security Graph, machine learning, Next-gen antivirus, Powershell, script-based attacks, Security Intelligence, Security Response, Windows 10, Windows Defender Antivirus, Windows Defender ATP, Windows Defender AV, Windows Defender Exploit Guard

Credit to Author: Windows Defender ATP| Date: Mon, 04 Dec 2017 14:00:07 +0000

Scripts are becoming the weapon of choice of sophisticated activity groups responsible for targeted attacks as well as malware authors who indiscriminately deploy commodity threats. Scripting engines such as JavaScript, VBScript, and PowerShell offer tremendous benefits to attackers. They run through legitimate processes and are perfect tools for living off the landstaying away from the