Microsoft has concluded that the Chinese Certificate Authorities (CAs) WoSign and StartCom have failed to maintain the standards required by our Trusted Root Program. Observed unacceptable security practices include back-dating SHA-1 certificates, mis-issuances of certificates, accidental certificate revocation, duplicate certificate serial numbers, and multiple CAB Forum Baseline Requirements (BR) violations.
Modern social engineering attacks use non-portable executable (PE) files like malicious scripts and macro-laced documents. Every month, Windows Defender AV detects non-PE threats on over 10 million machines. Learn how machine learning drives next-gen protection capabilities and cloud-based, real-time blocking of new and unknown threats: Machine learning vs.
Microsoft has been investing heavily in next-generation security technologies. These technologies use our ability to consolidate large sets of data and build intelligent systems that learn from that data.
We are announcing that support for TLS1.1/TLS 1.2 on Windows Server 2008 is now available for download as of July 18th, 2017.
For cybercriminals, speed is the name of the game. It takes newly released malware an average of just four hours to achieve its goal—steal financial information, extort money, or cause widespread damage.
Advanced cyberattacks emphasize stealth and persistence: the longer they stay under the radar, the more they can move laterally, exfiltrate data, and cause damage. To avoid detection, attackers are increasingly turning to cross-process injection. Cross-process injection gives attackers the ability to run malicious code that masquerades as legitimate programs.
On May 12, there was a major outbreak of WannaCrypt ransomware. WannaCrypt directly borrowed exploit code from the ETERNALBLUE exploit and the DoublePulsar backdoor module leaked in April by a group calling itself Shadow Brokers.
On June 27, 2017 reports of a ransomware infection began spreading across Europe. We saw the first infections in Ukraine, where more than 12,500 machines encountered the threat. We then observed infections in another 64 countries, including Belgium, Brazil, Germany, Russia, and the United States.
In this blog, we provide an early analysis of the end-to-end ransomware attack. Please note this threat is still under investigation.
“Always remember: Amateurs hack systems. Professionals hack people.” –Bruce Schneier, CTO, Counterpane Internet Security, Inc. All over the globe, social engineering is a dominant and growing threat to organizational security. Since January 2015, the number of social engineering victims identified by the FBI has increased 270 percent, costing businesses more than $2.3 billion.
Advanced Persistent Threats use two primary methods of persistence: compromised endpoints and compromised credentials. It is critical that you use tools to detect both simultaneously. With only one or the other in place, you give adversaries more opportunities to remain on your network.
Technical support scams continue to evolve, employing more and more complex social engineering tactics that can increase panic and create a false sense of legitimacy or urgency in an effort to get more victims.
