Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave

Microsoft is positioned as a leader in The Forrester Wave™: Endpoint Security Suites, Q3 2019, receiving among the second highest scores in both the strategy and market presence categories.
The post Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave appeared first on Microsoft Security. READ MORE HERE…

Read more

Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

A new fileless malware campaign we dubbed Nodersok delivers two very unusual LOLBins to turn infected machines into zombie proxies.
The post Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware appeared first on Microsoft Security. READ MORE HERE…

Read more

Deep learning rises: New methods for detecting malicious PowerShell

We adopted a deep learning technique that was initially developed for natural language processing and applied to expand Microsoft Defender ATP’s coverage of detecting malicious PowerShell scripts, which continue to be a critical attack vector.
The post Deep learning rises: New methods for detecting malicious PowerShell appeared first on Microsoft Security. READ MORE HERE…

Read more

Gartner names Microsoft a Leader in 2019 Endpoint Protection Platforms Magic Quadrant

Gartner named Microsoft a Leader in the 2019 Gartner Magic Quadrant for Endpoint Protection Platforms, positioned highest in execution.
The post Gartner names Microsoft a Leader in 2019 Endpoint Protection Platforms Magic Quadrant appeared first on Microsoft Security. READ MORE HERE…

Read more

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

Machine learning and natural language processing can automate the processing of unstructured text for insightful, actionable threat intelligence.
The post From unstructured data to actionable intelligence: Using machine learning for threat intelligence appeared first on Microsoft Security. READ MORE HERE…

Read more

A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry.
The post A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response appeared first on Microsoft Security. READ MORE HERE…

Read more

How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection

The deep integration of Windows Defender Antivirus with hardware-based isolation capabilities allows the detection of artifacts of attacks that tamper with kernel-mode agents at the hypervisor level.
The post How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection appeared first on Microsoft Security. READ MORE HERE…

Read more

New machine learning model sifts through the good to unearth the bad in evasive malware

Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features. The magic is this: Attackers can’t evade a monotonic model by adding clean features. To evade a monotonic model, an attacker would have to remove malicious features.
The post New machine learning model sifts through the good to unearth the bad in evasive malware appeared first on Microsoft Security. READ MORE HERE…

Read more