Microsoft works with researchers to detect and protect against new RDP exploits

The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.
The post Microsoft works with researchers to detect and protect against new RDP exploits appeared first on Microsoft Security. READ MORE HERE…

Read more

Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise

Experts on demand is now generally available and gives customers direct access to real-life Microsoft threat analysts to help with their security investigations.
The post Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise appeared first on Microsoft Security. READ MORE HERE…

Read more

A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry.
The post A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response appeared first on Microsoft Security. READ MORE HERE…

Read more

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted public sector institutions and non-governmental organizations like think tanks and research centers, but also included
Read more
The post Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers appeared first on Microsoft Secure. READ MORE HERE…

Read more

Attack inception: Compromised supply chain within a supply chain poses new risks

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor partners, making the apps legitimate installer the unsuspecting carrier of a Read more READ MORE HERE…

Read more

Taking apart a double zero-day sample discovered in joint hunt with ESET

In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcherAnton Cherepanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation in parallel with ESET researchers, I was surprised to discover two new zero-day exploits in the same PDF. Read more READ MORE HERE…

Read more

Machine learning vs. social engineering

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning has helped us to protect hundreds of thousands of customers against ransomware, Read more READ MORE HERE…

Read more