Collaborate Disseminate
In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcher Anton Cherpanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation… Continue reading Taking apart a double zero-day sample discovered in joint hunt with ESET
The traditional perimeter-based network defense is obsolete. Perimeter-based networks operate on the assumption that all systems within a network can be trusted. However, todays increasingly mobile workforce, the migration towards public cloud services… Continue reading Building Zero Trust networks with Microsoft 365
Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Ju… Continue reading Machine learning vs. social engineering
The escalating sophistication of cyberattacks is marked by the increased use of kernel-level exploits that attempt to run malware with the highest privileges and evade security solutions and software sandboxes. Kernel exploits famously gave the WannaCr… Continue reading Virtualization-based security (VBS) memory enclaves: Data protection through isolation
Corporate Vice President Brad Anderson recently shared his insights on how Windows Defender Advanced Threat Protection (Windows Defender ATP) evolved to achieve important quality milestones. Our Windows Defender ATP team is committed to deliveri… Continue reading Adding transparency and context into industry AV test results
If weve learned anything from the rise of Marvel Cinematic Universe, its that good things tend to happen when heroes intervene. For securing new applications, this metaphor is a useful one because security isnt always top-of-mind for scrum teams, nor i… Continue reading Want better apps? You need a (agile security) hero!
Email, coupled with reliable social engineering techniques, continues to be one of the primary entry points for credential phishing, targeted attacks, and commodity malware like ransomware and, increasingly in the last few months, cryptocurrency miners… Continue reading Enhancing Office 365 Advanced Threat Protection with detonation-based heuristics and machine learning
Nobody likes passwords. They are inconvenient, insecure, and expensive. In fact, we dislike them so much that weve been busy at work trying to create a world without them a world without passwords. In this blog, we will provide a brief insight into ho… Continue reading Building a world without passwords
Beyond customer education, the scale and complexity of tech support scams require cooperation and broad partnerships across the industry. Given the scale and complexity of tech support scams, how can the security industry at large work together to deal… Continue reading Teaming up in the war on tech support scams
At Microsoft, we want users to be in control of their devices, including knowing the security health of these devices. If important security features should fail, users should be aware. Windows Defender System Guard runtime attestation, a new Windows p… Continue reading Introducing Windows Defender System Guard runtime attestation