Windows Defender ATP – Page 3

Hunting down Dofoil with Windows Defender ATP

Posted on April 4, 2018 by Windows Defender ATP

Dofoil is a sophisticated threat that attempted to install coin miner malware on hundreds of thousands of computers in March, 2018. In previous blog posts we detailed how behavior monitoring and machine learning in Windows Defender AV protected custome… Continue reading Hunting down Dofoil with Windows Defender ATP→

Why Windows Defender Antivirus is the most deployed in the enterprise

Posted on March 22, 2018 by Windows Defender ATP

Statistics about the success and sophistication of malware can be daunting. The following figure is no different: Approximately 96% of all malware is polymorphic meaning that it is only experienced by a single user and device before it is replaced wit… Continue reading Why Windows Defender Antivirus is the most deployed in the enterprise→

Invisible resource thieves: The increasing threat of cryptocurrency miners

Posted on March 13, 2018 by Windows Defender ATP

The surge in Bitcoin prices has driven widescale interest in cryptocurrencies. While the future of digital currencies is uncertain, they are shaking up the cybersecurity landscape as they continue to influence the intent and nature of attacks. Cybercri… Continue reading Invisible resource thieves: The increasing threat of cryptocurrency miners→

FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

Posted on March 1, 2018 by Windows Defender ATP

Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM. This threat actor is remarkable for two reasons: Its access to sophisticated zero-day explo… Continue reading FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines→

How artificial intelligence stopped an Emotet outbreak

Posted on February 14, 2018 by Windows Defender ATP

At 12:46 a.m. local time on February 3, a Windows 7 Pro customer in North Carolina became the first would-be victim of a new malware attack campaign for Trojan:Win32/Emotet. In the next 30 minutes, the campaign tried to attack over a thousand potential… Continue reading How artificial intelligence stopped an Emotet outbreak→

Protecting customers from being intimidated into making an unnecessary purchase

Posted on January 30, 2018 by Windows Defender ATP

There has been an increase in free versions of programs that purport to scan computers for various errors, and then use alarming, coercive messages to scare customers into buying a premium version of the same program. The paid version of these programs… Continue reading Protecting customers from being intimidated into making an unnecessary purchase→

Now you see me: Exposing fileless malware

Posted on January 24, 2018 by Windows Defender ATP

Attackers are determined to circumvent security defenses using increasingly sophisticated techniques. Fileless malware boosts the stealth and effectiveness of an attack, and two of last years major ransomware outbreaks (Petya and WannaCry) used fileles… Continue reading Now you see me: Exposing fileless malware→