Windows Defender ATP has protections for USB and removable devices

Credit to Author: Windows Defender ATP team| Date: Wed, 19 Dec 2018 21:52:09 +0000

Meet Jimmy. Jimmy is an employee in your company. He Does Things With Computers (official title). Last Wednesday, as Jimmy got out of his car after parking in the company-owned parking lot, he saw something on the ground. That something is a 512GB USB flash drive! Jimmy picks up the drive, whistling along to himself

Read more

The post Windows Defender ATP has protections for USB and removable devices appeared first on Microsoft Secure.

Read more

Tackling phishing with signal-sharing and machine learning

Credit to Author: Windows Defender Research| Date: Wed, 19 Dec 2018 16:00:11 +0000

Across services in Microsoft Threat Protection, the correlation of security signals enhances the comprehensive and integrated security for identities, endpoints, user data, cloud apps, and infrastructure. Our industry-leading visibility into the entire attack chain translates to enriched protection thats evident in many different attack scenarios, including flashy cyberattacks, massive malware campaigns, and even small-scale, localized

Read more

The post Tackling phishing with signal-sharing and machine learning appeared first on Microsoft Secure.

Read more

Microsoft AI competition explores the next evolution of predictive technologies in security

Credit to Author: Windows Defender Research| Date: Thu, 13 Dec 2018 19:00:54 +0000

Predictive technologies are already effective at detecting and blocking malware at first sight. A new malware prediction competition on Kaggle will challenge the data science community to push these technologies even furtherto stop malware before it is even seen. The Microsoft-sponsored competition calls for participants to predict if a device is likely to encounter malware

Read more

The post Microsoft AI competition explores the next evolution of predictive technologies in security appeared first on Microsoft Secure.

Read more

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Credit to Author: Windows Defender ATP| Date: Mon, 03 Dec 2018 16:00:10 +0000

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted public sector institutions and non-governmental organizations like think tanks and research centers, but also included

Read more

The post Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers appeared first on Microsoft Secure.

Read more

Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets

Credit to Author: Windows Defender ATP| Date: Thu, 08 Nov 2018 18:08:13 +0000

Our analysis of a targeted attack that used a language-specific word processor shows why its important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns. The attack exploited a vulnerability in InPage, a word processor software for specific languages like Urdu, Persian, Pashto, and Arabic. More than 75% of

Read more

The post Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets appeared first on Microsoft Secure.

Read more

Windows Defender Antivirus can now run in a sandbox

Credit to Author: Windows Defender Research| Date: Fri, 26 Oct 2018 17:10:18 +0000

Windows Defender Antivirus has hit a new milestone: the built-in antivirus capabilities on Windows can now run within a sandbox. With this new development, Windows Defender Antivirus becomes the first complete antivirus solution to have this capability and continues to lead the industry in raising the bar for security. Putting Windows Defender Antivirus in a

Read more

The post Windows Defender Antivirus can now run in a sandbox appeared first on Microsoft Secure.

Read more

Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV

Credit to Author: Windows Defender Research| Date: Thu, 27 Sep 2018 16:00:24 +0000

Removing the need for files is the next progression of attacker techniques. While fileless techniques used to be employed almost exclusively in sophisticated cyberattacks, they are now becoming widespread in common malware, too.

The post Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV appeared first on Microsoft Secure.

Read more

Protecting the modern workplace from a wide range of undesirable software

Credit to Author: Windows Defender Research| Date: Tue, 07 Aug 2018 16:00:26 +0000

Security is a fundamental component of the trusted and productive Windows experience that we deliver to customers through modern platforms like Windows 10 and Windows 10 in S mode. As we build intelligent security technologies that protect the modern workplace, we aim to always ensure that customers have control over their devices and experiences. To

Read more

Read more

Attack inception: Compromised supply chain within a supply chain poses new risks

Credit to Author: Windows Defender ATP| Date: Thu, 26 Jul 2018 13:00:13 +0000

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor partners, making the apps legitimate installer the unsuspecting carrier of a

Read more

Read more

March-April 2018 test results: More insights into industry AV tests

Credit to Author: Windows Defender ATP| Date: Fri, 20 Jul 2018 19:30:38 +0000

In a previous post, in the spirit of our commitment to delivering industry-leading protection, customer choice, and transparency on the quality of our solutions, we shared insights and context into the results of AV-TESTs January-February 2018 test cycle. We released a transparency report to help our customers and the broader security community to stay informed

Read more

Read more

Machine learning vs. social engineering

Credit to Author: Windows Defender ATP| Date: Thu, 07 Jun 2018 13:00:56 +0000

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning has helped us to protect hundreds of thousands of customers against ransomware,

Read more

Read more