Deep learning rises: New methods for detecting malicious PowerShell

We adopted a deep learning technique that was initially developed for natural language processing and applied it to expand Microsoft Defender ATP’s coverage of detecting malicious PowerShell scripts, which continue to be a critical attack vector.
The post Deep learning rises: New methods for detecting malicious PowerShell appeared first on Microsoft Security.

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

Machine learning and natural language processing can automate the processing of unstructured text for insightful, actionable threat intelligence.

How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection

The deep integration of Windows Defender Antivirus with hardware-based isolation capabilities allows the detection of artifacts of attacks that tamper with kernel-mode agents at the hypervisor level.

Council of EU Law Enforcement Protocol improves cross-border cooperation

The new EU Law Enforcement Emergency Response Protocol addresses the growing problem of planning and coordinating between governments, agencies, and companies when cyberattacks occur across international boundaries.

Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack

Advanced technologies in Microsoft Defender ATP next-generation protection exposed and defeated a widespread fileless campaign that completely “lived off the land” throughout a complex attack chain that ran the info-stealing backdoor Astaroth directly in memory.

Microsoft’s Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time

Microsoft’s Threat & Vulnerability Management solution is generally available as of June 30! We have been working closely with customers for more than a year to incorporate their real needs and feedback to better address vulnerability management. Our goal is to empower defenders with the tools they need to better protect against evolving threats, and we believe this solution will help provide that additional visibility and agility they need.

Lessons learned from the Microsoft SOC Part 2b: Career paths and readiness

In our second post about people—our most valuable resource in the SOC—we talk about our investments into readiness programs, career paths, and recruiting for success.