Windows – Microsoft Secure

April 20, 2018
- Share

Teaming up in the war on tech support scams

Beyond customer education, the scale and complexity of tech support scams require cooperation and broad partnerships across the industry. Given the scale and complexity of tech support scams, how can the security industry at large work together to deal a major blow to this enduring threat?...

April 19, 2018
- Share

Introducing Windows Defender System Guard runtime attestation

By Windows Defender Research

At Microsoft, we want users to be in control of their devices, including knowing the security health of these devices. If important security features should fail, users should be aware. Windows Defender System Guard runtime attestation, a new Windows platform security technology, fills this need. In Windows 10 Fall Creators Update, we reorganized all system...

April 16, 2018
- Share

Tapping the intelligent cloud to make security better and easier

By Rob Lefferts, Director of Enterprise and Security, Windows

There has been a distinct shift in my conversations with customers over the last year. Most have gone from asking ‘can we still keep our assets secure as we adopt cloud services?,’ to declaring, ‘we are adopting cloud services in order to improve our security posture.’ The driving factor is generally a realization that a...

April 4, 2018
- Share

Hunting down Dofoil with Windows Defender ATP

By Windows Defender Research

Dofoil is a sophisticated threat that attempted to install coin miner malware on hundreds of thousands of computers in March, 2018. In previous blog posts we detailed how behavior monitoring and machine learning in Windows Defender AV protected customers from a massive Dofoil outbreak that we traced back to a software update poisoning campaign several...

March 22, 2018
- Share

Why Windows Defender Antivirus is the most deployed in the enterprise

By Brad Anderson, Corporate Vice President, Enterprise Mobility + Security

Statistics about the success and sophistication of malware can be daunting. The following figure is no different: Approximately 96% of all malware is polymorphic – meaning that it is only experienced by a single user and device before it is replaced with yet another malware variant. This is because in most cases malware is caught...

March 14, 2018
- Share

Sharing research and discoveries at PWN2OWN

By Windows Defender Research

The annual PWN2OWN exploit contest at the CanSecWest conference in Vancouver, British Columbia, Canada, brings together some of the top security talent from across the globe in a friendly competition. For the participants, these events are a platform to demonstrate world-class skills and vie for significant cash prizes. For companies like Microsoft, where we have...

March 13, 2018
- Share

Poisoned peer-to-peer app kicked off Dofoil coin miner outbreak

By Windows Defender Research

On March 7, we reported that a massive Dofoil campaign attempted to install malicious cryptocurrency miners on hundreds of thousands of computers. Windows Defender Antivirus, with its behavior monitoring, machine learning technologies, and layered approach to security detected and blocked the attack within milliseconds. Windows 10 S, a special configuration of Windows 10 providing Microsoft-verified security,...

MSC17_dataCenter
Microsoft Contact: Stephen Smith (stepsmit)
Agency: Cinco Design
Agency Contact: Kate Callahan (kate@cincodesign.com)
Photographer: Amy Sacka (http://www.amysackaphotography.com/)
Shoot month: March 2017
Location: Portland, OR
Business: LinkedIn Datacenter

March 13, 2018
- Share

Invisible resource thieves: The increasing threat of cryptocurrency miners

By Windows Defender Research

The surge in Bitcoin prices has driven widescale interest in cryptocurrencies. While the future of digital currencies is uncertain, they are shaking up the cybersecurity landscape as they continue to influence the intent and nature of attacks. Cybercriminals gave cryptocurrencies a bad name when ransomware started instructing victims to pay ransom in the form of...

March 7, 2018
- Share

Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign

By Windows Defender Research

Update: Further analysis of this campaign points to a poisoned update for a peer-to-peer (P2P) application. For more information, read Poisoned peer-to-peer app kicked off Dofoil coin miner outbreak. To detect and respond to Dofoil in corporate networks, read Hunting down Dofoil with Windows Defender ATP. Just before noon on March 6 (PST), Windows Defender...

March 1, 2018
- Share

FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

By Office 365 Threat Research

Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM. This threat actor is remarkable for two reasons: Its access to sophisticated zero-day exploits for Microsoft and Adobe software Its use of an advanced piece of government-grade surveillance spyware FinFisher, also...

Blog Posts

Follow Microsoft