Security News

Microsoft Defender falsely detects Win32/Hive.ZY in Google Chrome, Electron apps
2022-09-04 15:30

A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as 'Win32/Hive. The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.

The Week in Ransomware - August 12th 2022 - Attacking the defenders
2022-08-12 23:19

7-Eleven Denmark has confirmed that a ransomware attack was behind the closure of 175 stores in the country on Monday. An automotive supplier had its systems breached and files encrypted by three different ransomware gangs over two weeks in May, two of the attacks happening within just two hours.

Microsoft Defender now better at blocking ransomware on Windows 11
2022-08-02 19:13

Microsoft has released new Windows 11 builds to the Beta Channel with improved Microsoft Defender for Endpoint ransomware attack blocking capabilities. "We enhanced Microsoft Defender for Endpoint's ability to identify and intercept ransomware and advanced attacks," Microsoft's Amanda Langowski and Brandon LeBlanc said.

LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload
2022-08-02 08:07

A threat actor associated with the LockBit 3.0 ransomware-as-a-service operation has been observed abusing the Windows Defender command-line tool to decrypt and load Cobalt Strike payloads. "Once initial access had been achieved, the threat actors performed a series of enumeration commands and attempted to run multiple post-exploitation tools, including Meterpreter, PowerShell Empire, and a new way to side-load Cobalt Strike," researchers Julio Dantas, James Haughom, and Julien Reisdorffer said.

Microsoft Defender Experts for Hunting now generally available
2022-08-01 18:32

Microsoft Defender Experts for Hunting, a new managed security service for Microsoft 365 Defender customers, is now generally available. Microsoft's security experts will use Defender data for threat investigation and to provide customers with remediation instructions, as well as help deploy threat hunting across all Microsoft 365 Defender products within hours, according to Redmond.

LockBit ransomware abuses Windows Defender to load Cobalt Strike
2022-07-29 14:29

A threat actor associated with the LockBit 3.0 ransomware operation is abusing the Windows Defender command line tool to load Cobalt Strike beacons on compromised systems and evade detection by security software. Security solutions have become better at detecting Cobalt Strike beacons, causing threat actors to look for innovative ways to deploy the toolkit.

LockBit operator abuses Windows Defender to load Cobalt Strike
2022-07-29 14:29

A threat actor associated with the LockBit 3.0 ransomware operation is abusing the Windows Defender command line tool to load Cobalt Strike beacons on compromised systems and evade detection by security software. Security solutions have become better at detecting Cobalt Strike beacons, causing threat actors to look for innovative ways to deploy the toolkit.

Microsoft Defender adds network protection for Android, iOS devices
2022-07-03 14:09

Microsoft has introduced a new Microsoft Defender for Endpoint feature in public preview to help organizations detect weaknesses affecting Android and iOS devices in their enterprise networks.After enabling the new Mobile Network Protection feature on Android and iOS devices you want to monitor, the enterprise endpoint security platform will provide protection and notifications when it detects rogue Wi-Fi-related threats and rogue certificates.

Microsoft Defender goes cross-platform for the masses
2022-06-17 15:30

Microsoft is extending the Defender brand with a version aimed at families and individuals.Microsoft Defender for individuals, available for Microsoft 365 Personal and Family subscribers, is a cross-platform application, encompassing macOS, iOS, and Android devices and extending "The protection already built into Windows Security beyond your PC.".

New cloud-based Microsoft Defender for home now generally available
2022-06-16 15:14

Microsoft has announced today the general availability of Microsoft Defender for Individuals, the company's new security solution for personal phones and computers. This new cross-device security solution is available for all Microsoft 365 customers with Personal or Family subscriptions starting today.