Microsoft – Page 107 – Computer Security Articles

Credit to Author: msft-mmpc| Date: Thu, 16 Mar 2017 03:15:46 +0000

We are seeing a wave of new NSIS installers used in ransomware campaigns. These new installers pack significant updates, indicating a collective move by attackers to once again dodge AV detection by changing the way they package malicious code. These changes are observed in installers that drop ransomware like Cerber, Locky, and others. Cybercriminals have…

Microsoft Security

March 8, 2017 admin

Uncovering cross-process injection with Windows Defender ATP

Credit to Author: msft-mmpc| Date: Thu, 09 Mar 2017 06:16:01 +0000

Windows Defender Advanced Threat Protection (Windows Defender ATP) is a post-breach solution that alerts security operations (SecOps) personnel about hostile activity. As the nature of attacks evolve, Windows Defender ATP must advance so that it continues to help SecOps personnel uncover and address the attacks. With increasing security investments from Microsoft—read how Windows 10 continues to raise…

Microsoft Security

March 2, 2017 admin

Breaking down a notably sophisticated tech support scam M.O.

Credit to Author: msft-mmpc| Date: Fri, 03 Mar 2017 05:39:41 +0000

The cornerstone of tech support scams is the deception that there is something wrong with your PC. To advance this sham, tech support scams have long abused browsers’ full screen function. Coupled with dialogue loops, the pop-up messages that just won’t go away, and the spoofing of brands like Microsoft, tech support scam websites can…

Microsoft Security

February 22, 2017 admin

MSRT February 2017: Chuckenit detection completes MSRT solution for one malware suite

Credit to Author: msft-mmpc| Date: Wed, 22 Feb 2017 22:45:06 +0000

In September 2016, we started adding to Microsoft Malicious Software Removal Tool (MSRT) a malware suite of browser modifiers and other Trojans installed by software bundlers. We documented how the malware in this group install other malware or applications silently, without your consent. This behavior ticks boxes in the evaluation criteria that Microsoft Malware Protection…

Microsoft Security

February 14, 2017 admin

Ransomware: a declining nuisance or an evolving menace?

Credit to Author: msft-mmpc| Date: Tue, 14 Feb 2017 21:56:15 +0000

The volume of ransomware encounters is on a downward trend. Are we seeing the beginning of the end of this vicious threat? Unfortunately, a look at the attack vectors, the number of unique families released into the wild, and the improvements in malware code reveals otherwise. Ransomware was arguably the biggest security story of 2016….

Microsoft Security

February 2, 2017 admin

Improved scripts in .lnk files now deliver Kovter in addition to Locky

Cybercriminals are using a combination of improved script and well-maintained download sites in trying to install Locky and Kovter on more computers. A few months ago, we reported an email campaign distributing .lnk files with a malicious script that downloaded Locky ransomware on target computers. Opening the malicious .lnk files executed a PowerShell script that…

Microsoft Security

January 30, 2017 admin

Averting ransomware epidemics in corporate networks with Windows Defender ATP

Microsoft security researchers continue to observe ransomware campaigns blanketing the market and indiscriminately hitting potential targets. Unsurprisingly, these campaigns also continue to use email and the web as primary delivery mechanisms. Also, it appears that most corporate victims are simply caught by the wide nets cast by ransomware operators. Unlike cyberespionage groups, ransomware operators do…