Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks

Credit to Author: Eric Avena| Date: Wed, 18 Dec 2019 18:00:24 +0000

Microsoft Defender ATP data scientists and threat hunters collaborate to use a data science-driven approach to detecting RDP brute force attacks to protect customers against real-world threats.

The post Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks appeared first on Microsoft Security.


Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities

Credit to Author: Eric Avena| Date: Thu, 12 Dec 2019 17:30:26 +0000

Many of today’s threats evolve to incorporate as many living-off-the-land techniques as possible into the attack chain. The PowerShell-based downloader Trojan known as sLoad, however, puts all its bets on BITS. Background Intelligent Transfer Service (BITS) is a component of the Windows operating system that provides an ability to transfer files in an asynchronous and…

The post Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities appeared first on Microsoft Security.


The quiet evolution of phishing

Credit to Author: Eric Avena| Date: Wed, 11 Dec 2019 17:00:56 +0000

In 2019, we saw phishing attacks reach new levels of creativity and sophistication. Read about the most notable phishing techniques we spotted in the past year.

The post The quiet evolution of phishing appeared first on Microsoft Security.


Gartner Names Microsoft a Leader in the 2019 Enterprise Information Archiving (EIA) Magic Quadrant

Credit to Author: Eric Avena| Date: Tue, 26 Nov 2019 18:09:21 +0000

In Gartner’s annual Magic Quadrant for Enterprise Information Archiving (EIA), Microsoft was named a Leader again.

The post Gartner Names Microsoft a Leader in the 2019 Enterprise Information Archiving (EIA) Magic Quadrant appeared first on Microsoft Security.


Insights from one year of tracking a polymorphic threat

Credit to Author: Eric Avena| Date: Tue, 26 Nov 2019 17:00:56 +0000

We discovered the polymorphic threat Dexphot in October 2018. In the months that followed, we closely tracked the threat as attackers upgraded the malware, targeted new processes, and worked around defensive measures. One year’s worth of intelligence helped us gain insight not only into the goals and motivations of Dexphot’s authors, but of cybercriminals in general.

The post Insights from one year of tracking a polymorphic threat appeared first on Microsoft Security.


Going in-depth on the Windows 10 random number generation infrastructure

Credit to Author: Eric Avena| Date: Mon, 25 Nov 2019 19:00:33 +0000

We are happy to release to the public The Windows 10 random number generation infrastructure white paper, which provides details about the Windows 10 pseudo-random number generator (PRNG) infrastructure, and lists the primary RNG APIs. The white paper also explains how the entropy system works, what the entropy sources are, and how initial seeding works.

The post Going in-depth on the Windows 10 random number generation infrastructure appeared first on Microsoft Security.


A week in security (November 11 – 17)

Credit to Author: Malwarebytes Labs| Date: Mon, 18 Nov 2019 16:43:14 +0000

A roundup of cybersecurity news from November 11 – 17, including Facebook scams, the importance of securing food infrastructure, and our latest CTNT report.


The post A week in security (November 11 – 17) appeared first on Malwarebytes Labs.


Microsoft works with researchers to detect and protect against new RDP exploits

Credit to Author: Eric Avena| Date: Thu, 07 Nov 2019 21:05:30 +0000

The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check.

The post Microsoft works with researchers to detect and protect against new RDP exploits appeared first on Microsoft Security.


Microsoft Cloud Security solutions provide comprehensive cross-cloud protection

Credit to Author: Todd VanderArk| Date: Wed, 06 Nov 2019 14:00:49 +0000

Microsoft Cloud Security is a comprehensive set of security solutions that protects every layer of your cross-cloud resources.

The post Microsoft Cloud Security solutions provide comprehensive cross-cloud protection appeared first on Microsoft Security.
