Security News

Defenders must adapt to shrinking exploitation timelines
2024-10-16 12:06

A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 days in 2021 in 2022....

Microsoft Defender adds detection of unsecure Wi-Fi networks
2024-09-30 20:47

Microsoft Defender now automatically detects and notifies users with a Microsoft 365 Personal or Family subscription when they're connected to unsecured Wi-Fi networks. [...]

Windows Server August updates fix Microsoft 365 Defender issue
2024-08-13 21:00

The August 2024 Windows Server updates fix a known issue that breaks multiple Microsoft 365 Defender features after installing last month's security updates. [...]

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers
2024-07-24 06:15

A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza....

June Windows Server updates break Microsoft 365 Defender features
2024-07-15 14:10

Microsoft has confirmed that Windows Server updates from last month's Patch Tuesday break some Microsoft 365 Defender features that use the network data reporting service. "Devices which have installed Windows Server updates released June 11, 2024 might experience problems with Microsoft 365 Defender," the company explained on the Windows Server health dashboard.

Encrypted traffic: A double-edged sword for network defenders
2024-07-15 03:30

Organizations are ramping up their use of encrypted traffic to lock down data. Could they be making it easier to hide threats in the process? On one hand, encryption means enhanced privacy, but it can also make the job of security analysts much harder.

Researchers claim Windows Defender can be fooled into deleting databases
2024-04-22 04:29

BLACK HAT ASIA Researchers at US/Israeli infosec outfit SafeBreach last Friday discussed flaws in Microsoft and Kaspersky security products that can potentially allow the remote deletion of files. Speaking at the Black Hat Asia conference in Singapore, SafeBreach's VP of Security Research Tomer Bar and security researcher Shmuel Cohen explained that Microsoft Defender and Kaspersky's Endpoint Detection and Response can be made to detect false positive indicators of malicious files - and then to delete them.

Hackers used new Windows Defender zero-day to drop DarkMe malware
2024-02-13 20:52

Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan.The hacking group was spotted using the zero-day in attacks on New Year's Eve day by Trend Micro security researchers.

Microsoft deprecates Defender Application Guard for some Edge users
2023-12-21 18:10

Microsoft is deprecating Defender Application Guard for Edge for Business users. Microsoft Defender Application Guard blocks potential threats by opening them in a secure sandbox using hardware-based virtualization.

Microsoft deprecates Defender Application Guard for Office
2023-11-27 21:00

Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and...