post-exploitation Archives - ThreatsHub Cybersecurity News

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

March 25, 2021 TH Author coin miner, Cybersecurity, DoejoCrypt, Exchange Server, exploits, Lemon Duck, Microsoft security intelligence, post-exploitation, Pydomer, ransomware, Vulnerabilities

Microsoft continues to monitor and investigate attacks exploiting the recent on-premises Exchange Server vulnerabilities. As organizations recover from this incident, we continue to publish guidance and share threat intelligence to help detect and evict threat actors from affected environments.
The post Analyzing attacks taking advantage of the Exchange Server vulnerabilities appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning

August 27, 2020 TH Author Active Directory attacks, Antimalware Scan Interface (AMSI), behavioral blocking and containment, BloodHound, Cybersecurity, Endpoint security, Kerberoasting, machine learning, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, post-exploitation, Threat protection

Microsoft Defender ATP leverages AMSI’s visibility into scripts and harnesses the power of machine learning to detect and stop post-exploitation activities that largely rely on scripts.
The post Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning appeared first on Microsoft Security. READ MORE HERE…