Skip to content

Microsoft Secure

MSC17_dataCenter
Microsoft Contact: Stephen Smith (stepsmit)
Agency: Cinco Design
Agency Contact: Kate Callahan (kate@cincodesign.com)
Photographer: Amy Sacka (http://www.amysackaphotography.com/)
Shoot month: March 2017
Location: Portland, OR
Business: LinkedIn Datacenter

Invisible resource thieves: The increasing threat of cryptocurrency miners

The surge in Bitcoin prices has driven widescale interest in cryptocurrencies. While the future of digital currencies is uncertain, they are shaking up the cybersecurity landscape as they continue to influence the intent and nature of attacks. Cybercriminals gave cryptocurrencies a bad name when ransomware started instructing victims to pay ransom in the form of...

Read more

MSC17_dataCenter
Microsoft Contact: Stephen Smith (stepsmit)
Agency: Cinco Design
Agency Contact: Kate Callahan (kate@cincodesign.com)
Photographer: Amy Sacka (http://www.amysackaphotography.com/)
Shoot month: March 2017
Location: Portland, OR
Business: LinkedIn Datacenter

Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’

Scripts are becoming the weapon of choice of sophisticated activity groups responsible for targeted attacks as well as malware authors who indiscriminately deploy commodity threats. Scripting engines such as JavaScript, VBScript, and PowerShell offer tremendous benefits to attackers. They run through legitimate processes and are perfect tools for “living off the land”—staying away from the...

Read more

Windows Defender Exploit Guard: Reduce the attack surface against next-generation malware

Windows Defender Exploit Guard is a new set of intrusion prevention capabilities that ships with the Windows 10 Fall Creators Update. The four components of Windows Defender Exploit Guard are designed to lock down the device against a wide variety of attack vectors and block behaviors commonly used in malware attacks, while enabling enterprises to...

Read more

Improved scripts in .lnk files now deliver Kovter in addition to Locky

Improved scripts in .lnk files now deliver Kovter in addition to Locky

Cybercriminals are using a combination of improved script and well-maintained download sites to attempt installing Locky and Kovter on more computers. A few months ago, we reported an email campaign distributing .lnk files with a malicious script that delivered Locky ransomware. Opening the malicious .lnk files executed a PowerShell script that performed a download routine....

Read more

Windows 10 to offer application developers new malware defenses

Application developers can now actively participate in malware defense – in a new way to help protect customers from dynamic script-based malware and non-traditional avenues of cyberattack. Microsoft is making that possible through the Antimalware Scan Interface (AMSI) – a generic interface standard that allows applications and services to integrate with any antimalware product present...

Read more