Windows Defender ATP Archives - ThreatsHub Cybersecurity News

Windows Defender ATP integrates with Microsoft Information Protection to discover, protect, and monitor sensitive data on Windows devices

January 17, 2019 TH Author Azure Information Protection, Cybersecurity, Microsoft Information Protection, Windows Defender ATP

This integration empowers Windows to natively understand Azure Information Protection sensitivity labels, to provide visibility into sensitive data on endpoints, to protect sensitive data based on its content, and to detect and respond to post-breach malicious activity that involves or affects sensitive data.
The post Windows Defender ATP integrates with Microsoft Information Protection to discover, protect, and monitor sensitive data on Windows devices appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

Windows Defender ATP has protections for USB and removable devices

December 19, 2018 TH Author Attack surface reduction, Cybersecurity, Windows Defender ATP, Windows Defender AV, Windows Information Protection (WIP)

Meet Jimmy. Jimmy is an employee in your company. He Does Things With Computers (official title). Last Wednesday, as Jimmy got out of his car after parking in the company-owned parking lot, he saw something on the ground. That something is a 512GB USB flash drive! Jimmy picks up the drive, whistling along to himself
Read more
The post Windows Defender ATP has protections for USB and removable devices appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

Tackling phishing with signal-sharing and machine learning

December 19, 2018 TH Author Cybersecurity, Office 365 ATP, PDF attachment, Phishing, phishing attacks, Social Engineering, Windows Defender ATP, Windows SmartScreen

Across services in Microsoft Threat Protection, the correlation of security signals enhances the comprehensive and integrated security for identities, endpoints, user data, cloud apps, and infrastructure. Our industry-leading visibility into the entire attack chain translates to enriched protection thats evident in many different attack scenarios, including flashy cyberattacks, massive malware campaigns, and even small-scale, localized
Read more
The post Tackling phishing with signal-sharing and machine learning appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

Microsoft AI competition explores the next evolution of predictive technologies in security

December 13, 2018 TH Author artificial intelligence, Cybersecurity, machine learning, Windows Defender ATP

Predictive technologies are already effective at detecting and blocking malware at first sight. A new malware prediction competition on Kaggle will challenge the data science community to push these technologies even furtherto stop malware before it is even seen. The Microsoft-sponsored competition calls for participants to predict if a device is likely to encounter malware
Read more
The post Microsoft AI competition explores the next evolution of predictive technologies in security appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

December 3, 2018 TH Author APT29, CozyBear, Cybersecurity, Defending Democracy Program, Micorosoft AccountGuard, Microsoft Threat Protection, Office 365 ATP, Security Intelligence, Security Response, Windows Defender ATP, YTTRIUM

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted public sector institutions and non-governmental organizations like think tanks and research centers, but also included
Read more
The post Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

What’s new in Windows Defender ATP

November 15, 2018 TH Author Attack surface reduction, automated investigation and response, Custom detection rules, Cybersecurity, Emergency security intelligence udpates, fileless malware, Incidents, Microsoft Cloud App Security, Microsoft Information Protection, sandbox, Threat analytics, Windows Defender ATP, Windows Defender AV

We added new capabilities to each of the pillars of Windows Defender ATPs unified endpoint protection platform: improved attack surface reduction, better-than-ever next-gen protection, more powerful post-breach detection and response, enhanced automation capabilities, more security insights, and expanded threat hunting. These enhancements boost Windows Defender ATP and accrue to the broader Microsoft Threat Protection, an integrated solution for securing identities, endpoints, cloud apps, and infrastructure.
The post What’s new in Windows Defender ATP appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets

November 8, 2018 TH Author CVE-2017-12842, Cybersecurity, InPage, Office 365 ATP, Targeted Attacks, Windows Defender ATP, Windows Defender AV

Our analysis of a targeted attack that used a language-specific word processor shows why its important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns. The attack exploited a vulnerability in InPage, a word processor software for specific languages like Urdu, Persian, Pashto, and Arabic. More than 75% of
Read more
The post Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

Windows Defender Antivirus can now run in a sandbox

October 26, 2018 TH Author Cybersecurity, sandbox, Windows, Windows 10, Windows Defender Antivirus, Windows Defender ATP, Windows Defender AV

Windows Defender Antivirus has hit a new milestone: the built-in antivirus capabilities on Windows can now run within a sandbox. With this new development, Windows Defender Antivirus becomes the first complete antivirus solution to have this capability and continues to lead the industry in raising the bar for security. Putting Windows Defender Antivirus in a
Read more
The post Windows Defender Antivirus can now run in a sandbox appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV

September 27, 2018 TH Author Antimalware Scan Interface (AMSI), behavior monitoring, Cybersecurity, fileless malware, Windows 10, Windows 10 in S mode, Windows Defender Antivirus, Windows Defender ATP, Windows Defender AV

Removing the need for files is the next progression of attacker techniques. While fileless techniques used to be employed almost exclusively in sophisticated cyberattacks, they are now becoming widespread in common malware, too.
The post Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV appeared first on Microsoft Secure. READ MORE HERE…

Microsoft Secure

Office VBA + AMSI: Parting the veil on malicious macros

September 12, 2018 TH Author Antimalware Scan Interface (AMSI), Cybersecurity, macro malware, Macros, obfuscation, Office 365, Office 365 ATP, VBA, Windows, Windows 10, Windows Defender Antivirus, Windows Defender ATP, Windows Defender AV

As part of our continued efforts to tackle entire classes of threats, Office 365 client applications now integrate with Antimalware Scan Interface (AMSI), enabling antivirus and other security solutions to scan macros and other scripts at runtime to check for malicious behavior. Macro-based threats have always been a prevalent entry point for malware, but we
Read more
The post Office VBA + AMSI: Parting the veil on malicious macros appeared first on Microsoft Secure. READ MORE HERE…

← Previous