Skip to content
Microsoft Secure

Now you see me: Exposing fileless malware

  (Note: For a comprehensive categorization of fileless malware and a complete list of Microsoft technologies that can protect against these elusive threats, read the latest blog post: Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV)   What exactly is fileless? Read latest blog post: Out of sight but...

Read more

Detecting reflective DLL loading with Windows Defender ATP

Today’s attacks put emphasis on leaving little, if any, forensic evidence to maintain stealth and achieve persistence. Attackers use methods that allow exploits to stay resident within an exploited process or migrate to a long-lived process without ever creating or relying on a file on disk. In recent blogs we described how attackers use basic...

Read more