Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Credit to Author: Eric Avena| Date: Mon, 14 Jun 2021 16:00:44 +0000

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access to emails about financial transactions.

The post Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign appeared first on Microsoft Security Blog.

Microsoft Defender for Endpoint now supports Windows 10 on Arm devices

Credit to Author: Eric Avena| Date: Mon, 05 Apr 2021 18:00:30 +0000

Today, we are excited to announce that Microsoft Defender for Endpoint support of Windows 10 on Arm devices is generally available. This expanded support is part of our continued efforts to extend Microsoft Defender for Endpoint capabilities across all the endpoints defenders need to secure.

The post Microsoft Defender for Endpoint now supports Windows 10 on Arm devices appeared first on Microsoft Security.

Microsoft Defender for Endpoint now supports Windows 10 on Arm

Credit to Author: Eric Avena| Date: Mon, 05 Apr 2021 18:00:30 +0000

Today, we are excited to announce that Microsoft Defender for Endpoint support of Windows 10 on Arm devices is generally available. This expanded support is part of our continued efforts to extend Microsoft Defender for Endpoint capabilities across all the endpoints defenders need to secure.

The post Microsoft Defender for Endpoint now supports Windows 10 on Arm appeared first on Microsoft Security.

GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence

Credit to Author: Eric Avena| Date: Thu, 04 Mar 2021 17:00:02 +0000

Microsoft has identified three new pieces of malware being used in late-stage activity by NOBELIUM – the actor behind the SolarWinds attacks, SUNBURST, and TEARDROP.

The post GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence appeared first on Microsoft Security.
