The story of ZeroLogon

Credit to Author: Pieter Arntz | Date: Tue, 19 Jan 2021 18:37:09 +0000

ZeroLogon is a treasure for cybercriminals, an ongoing struggle for Microsoft, and a headache for everyone caught in the middle.

Categories: Exploits and vulnerabilities

The post The story of ZeroLogon appeared first on Malwarebytes Labs.

The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware

Credit to Author: Eric Avena | Date: Wed, 10 Jun 2020 17:42:07 +0000

Microsoft Threat Protection uses a data-driven approach for identifying lateral movement, combining industry-leading optics, expertise, and data science to deliver automated discovery of some of the most critical threats today.

The post The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware appeared first on Microsoft Security.

Detecting credential theft through memory access modelling with Microsoft Defender ATP

Credit to Author: Eric Avena | Date: Thu, 09 May 2019 17:29:45 +0000

Microsoft Defender ATP instruments memory-related function calls such as VirtualAlloc and VirtualProtect to catch in-memory attack techniques like reflective DLL loading. The same signals can also be used to generically detect malicious credential dumping activities performed by a wide range of different individual tools.

The post Detecting credential theft through memory access modelling with Microsoft Defender ATP appeared first on Microsoft Security.
