Microsoft – Page 57 – PossibleThreat Articles

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

August 8, 2019 0 Comments AI and machine learning, automation, cybersecurity, Endpoint security, indicators of compromise (IoC), Machine Learning, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Security Intelligence, threat intelligence, TTPs, Windows Security

Credit to Author: Eric Avena| Date: Thu, 08 Aug 2019 16:30:12 +0000

Machine learning and natural language processing can automate the processing of unstructured text for insightful, actionable threat intelligence.

The post From unstructured data to actionable intelligence: Using machine learning for threat intelligence appeared first on Microsoft Security .

Microsoft Security

Protect against BlueKeep

August 8, 2019 0 Comments Detection and Response Team (DART), Incident Response, Network security, Security Intelligence, Threat protection

Credit to Author: Todd VanderArk| Date: Thu, 08 Aug 2019 16:00:57 +0000

DART offers steps you can take to protect your network from BlueKeep, the “wormable” vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.

The post Protect against BlueKeep appeared first on Microsoft Security .

Microsoft Security

A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

August 7, 2019 0 Comments CVE-2019-0887, cybersecurity, Endpoint security, Event Tracing for Windows (ETW), Exploit, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Remote Desktop Protocol (RDP), Security Response, vulnerability, Windows Security

Credit to Author: Eric Avena| Date: Wed, 07 Aug 2019 23:50:25 +0000

Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry.

The post A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response appeared first on Microsoft Security .

Microsoft Security

How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection

July 31, 2019 0 Comments assertion engine, cybersecurity, hardware-based isolation, kernel-mode attacks, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, next generation protection, privilege escalation, runtime attestation, Security Intelligence, Threat protection, token swap, token theft, Windows Defender Antivirus, Windows Security

Credit to Author: Eric Avena| Date: Wed, 31 Jul 2019 16:30:35 +0000

The deep integration of Windows Defender Antivirus with hardware-based isolation capabilities allows the detection of artifacts of attacks that tamper with kernel-mode agents at the hypervisor level.

The post How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection appeared first on Microsoft Security .

Microsoft Security

CISO series: Better cybersecurity requires a diverse and inclusive approach to AI and machine learning

July 31, 2019 0 Comments AI and machine learning, CISO series

Credit to Author: Todd VanderArk| Date: Wed, 31 Jul 2019 16:00:51 +0000

A collaborative, inclusive approach to creating AI and machine learning models can help increase your resilience to cyberattacks.

The post CISO series: Better cybersecurity requires a diverse and inclusive approach to AI and machine learning appeared first on Microsoft Security .

Microsoft Security

Dismantling a fileless campaign: Microsoft Defender ATP’s Antivirus exposes Astaroth attack

July 30, 2019 0 Comments AI and machine learning, Antimalware Scan Interface (AMSI), Astaroth, behavior monitoring, Command-line scanning, cybersecurity, Endpoint security, Execution stage, fileless, fileless malware, heuristics, Initial access stage, living-off-the-land, Microsoft Defender ATP, Microsoft security intelligence, Security Intelligence, Threat protection, Windows Defender Antivirus, Windows Security, WMIC

Credit to Author: Eric Avena| Date: Mon, 08 Jul 2019 16:00:51 +0000

Advanced technologies in Microsoft Defender ATP’s Antivirus exposed and defeated a widespread fileless campaign that completely “lived off the land” throughout a complex attack chain that run the info-stealing backdoor Astaroth directly in memory

The post Dismantling a fileless campaign: Microsoft Defender ATP’s Antivirus exposes Astaroth attack appeared first on Microsoft Security .

Microsoft Security

Council of EU Law Enforcement Protocol improves cross-border cooperation

July 30, 2019 0 Comments Cybersecurity policy, Incident Response, Security Intelligence, Threat protection

Credit to Author: Todd VanderArk| Date: Tue, 30 Jul 2019 16:00:00 +0000

The new EU Law Enforcement Emergency Response Protocol addresses the growing problem of planning and coordinating between governments, agencies, and companies when cyberattacks occur across international boundaries.

The post Council of EU Law Enforcement Protocol improves cross-border cooperation appeared first on Microsoft Security .

Microsoft Security

The evolution of Microsoft Threat Protection—July update

July 29, 2019 0 Comments Evolution of Microsoft Threat Protection, Evolution of Microsoft Threat Protection page, Microsoft Cloud App Security, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Office 365 Security

Credit to Author: Todd VanderArk| Date: Mon, 29 Jul 2019 16:00:50 +0000

Learn about the latest enhancements to Microsoft Threat Protection, the premier solution for securing the modern workplace across identities, endpoints, user data, apps, and infrastructure.

The post The evolution of Microsoft Threat Protection—July update appeared first on Microsoft Security .

Microsoft Security

New machine learning model sifts through the good to unearth the bad in evasive malware

July 25, 2019 0 Comments AI and machine learning, Antivirus, automation, cybersecurity, detection evasion, Endpoint security, lockergoga, Machine Learning, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, monotonic models, next generation protection, Windows Defender Antivirus

Credit to Author: Eric Avena| Date: Thu, 25 Jul 2019 16:30:55 +0000

Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features. The magic is this: Attackers can’t evade a monotonic model by adding clean features. To evade a monotonic model, an attacker would have to remove malicious features.

The post New machine learning model sifts through the good to unearth the bad in evasive malware appeared first on Microsoft Security .

Microsoft Security

Facing the cold chills

July 24, 2019 0 Comments Detection and Response Team (DART), Incident Response, Network security, Security strategies

Credit to Author: Todd VanderArk| Date: Mon, 15 Jul 2019 16:00:54 +0000

DART recently worked with a customer who had been subject to a targeted compromise where the entity was intently and purposefully attempting to get into their systems.

The post Facing the cold chills appeared first on Microsoft Security .