The quiet evolution of phishing

In 2019, we saw phishing attacks reach new levels of creativity and sophistication. Read about the most notable phishing techniques we spotted in the past year.
The post The quiet evolution of phishing appeared first on Microsoft Security. READ MORE HERE…

Read more

Insights from one year of tracking a polymorphic threat

We discovered the polymoprhic threat Dexphot in October 2018. In the months that followed, we closely tracked the threat as attackers upgraded the malware, targeted new processes, and worked around defensive measures. One year’s worth of intelligence helped us gain insight not only into the goals and motivations of Dexphot’s authors, but of cybercriminals in general.
The post Insights from one year of tracking a polymorphic threat appeared first on Microsoft Security. READ MORE HERE…

Read more

Going in-depth on the Windows 10 random number generation infrastructure

We are happy to release to the public The Windows 10 random number generation infrastructure white paper, which provides details about the Windows 10 pseudo-random number generator (PRNG) infrastructure, and lists the primary RNG APIs. The whitepaper also explains how the entropy system works, what the entropy sources are, and how initial seeding works.
The post Going in-depth on the Windows 10 random number generation infrastructure appeared first on Microsoft Security. READ MORE HERE…

Read more

Microsoft works with researchers to detect and protect against new RDP exploits

The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.
The post Microsoft works with researchers to detect and protect against new RDP exploits appeared first on Microsoft Security. READ MORE HERE…

Read more

Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise

Experts on demand is now generally available and gives customers direct access to real-life Microsoft threat analysts to help with their security investigations.
The post Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise appeared first on Microsoft Security. READ MORE HERE…

Read more

Microsoft and partners design new device security requirements to protect against targeted firmware attacks

We’ve been working with partners to design what we call Secured-core PCs, devices that meet a specific set of device requirements that apply the security best practices of isolation and minimal trust to the firmware layer.
The post Microsoft and partners design new device security requirements to protect against targeted firmware attacks appeared first on Microsoft Security. READ MORE HERE…

Read more

Top 6 email security best practices to protect against phishing attacks and business email compromise

What should IT and security teams be looking for in an email security solution to protect all their users, from frontline workers to the C-suite? Here are 6 tips to ensure your organization has a strong email security posture.
The post Top 6 email security best practices to protect against phishing attacks and business email compromise appeared first on Microsoft Security. READ MORE HERE…

Read more

In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

Two new machine learning protection features within the behavioral blocking and containment capabilities in Microsoft Defender ATP specialize in detecting threats by analyzing behavior, adding new layers of protection after an attack has started running.
The post In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks appeared first on Microsoft Security. READ MORE HERE…

Read more