AI and machine learning – Page 3 – Computer Security Articles

Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

September 26, 2019 admin AI and machine learning, cybersecurity, Endpoint security, fileless, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, nodersok, Security Intelligence

Credit to Author: Eric Avena| Date: Thu, 26 Sep 2019 17:34:41 +0000

We’ve discussed the challenges that fileless threats pose in security, and how Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) employs advanced strategies to defeat these sophisticated threats. Part of the slyness of fileless malware is their use of living-off-the-land techniques, which refer to the abuse of legitimate tools, also called living-off-the-land binaries (LOLBins), that…

The post Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware appeared first on Microsoft Security .

Microsoft Security

Azure Sentinel—the cloud-native SIEM that empowers defenders is now generally available

September 24, 2019 admin AI and machine learning, Azure Security, CISO series, Ciso series page

Credit to Author: Todd VanderArk| Date: Tue, 24 Sep 2019 16:00:55 +0000

Our goal has remained the same since we first launched Microsoft Azure Sentinel in February: empower security operations teams to help enhance the security posture of our customers. Today, we take the next step in that journey by making Azure Sentinel generally available.

The post Azure Sentinel—the cloud-native SIEM that empowers defenders is now generally available appeared first on Microsoft Security .

Microsoft Security

Overview of the Marsh-Microsoft 2019 Global Cyber Risk Perception survey results

September 18, 2019 admin AI and machine learning, cybersecurity policy, Incident Response, Information/data protection

Credit to Author: Todd VanderArk| Date: Wed, 18 Sep 2019 16:00:50 +0000

Results from the 2019 Marsh-Microsoft Global Cyber Risk Perception survey reveal several encouraging signs of improvement in the way organizations view and manage cyber risk.

The post Overview of the Marsh-Microsoft 2019 Global Cyber Risk Perception survey results appeared first on Microsoft Security .

Microsoft Security

Deep learning rises: New methods for detecting malicious PowerShell

September 3, 2019 admin AI and machine learning, cybersecurity, deep learning, Endpoint security, machine learning, Microsoft Defender ATP, Microsoft security intelligence, Powershell, Security Intelligence, Threat protection

Credit to Author: Eric Avena| Date: Tue, 03 Sep 2019 16:00:03 +0000

We adopted a deep learning technique that was initially developed for natural language processing and applied to expand Microsoft Defender ATP’s coverage of detecting malicious PowerShell scripts, which continue to be a critical attack vector.

The post Deep learning rises: New methods for detecting malicious PowerShell appeared first on Microsoft Security .

Microsoft Security

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

August 8, 2019 admin AI and machine learning, automation, cybersecurity, Endpoint security, indicators of compromise (IoC), machine learning, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Security Intelligence, Threat Intelligence, TTPs, Windows Security

Credit to Author: Eric Avena| Date: Thu, 08 Aug 2019 16:30:12 +0000

Machine learning and natural language processing can automate the processing of unstructured text for insightful, actionable threat intelligence.

The post From unstructured data to actionable intelligence: Using machine learning for threat intelligence appeared first on Microsoft Security .

Microsoft Security

CISO series: Better cybersecurity requires a diverse and inclusive approach to AI and machine learning

July 31, 2019 admin AI and machine learning, CISO series

Credit to Author: Todd VanderArk| Date: Wed, 31 Jul 2019 16:00:51 +0000

A collaborative, inclusive approach to creating AI and machine learning models can help increase your resilience to cyberattacks.

The post CISO series: Better cybersecurity requires a diverse and inclusive approach to AI and machine learning appeared first on Microsoft Security .

Microsoft Security

Dismantling a fileless campaign: Microsoft Defender ATP’s Antivirus exposes Astaroth attack

July 30, 2019 admin AI and machine learning, Antimalware Scan Interface (AMSI), Astaroth, behavior monitoring, Command-line scanning, cybersecurity, Endpoint security, Execution stage, fileless, fileless malware, heuristics, Initial access stage, living-off-the-land, Microsoft Defender ATP, Microsoft security intelligence, Security Intelligence, Threat protection, Windows Defender Antivirus, Windows Security, WMIC

Credit to Author: Eric Avena| Date: Mon, 08 Jul 2019 16:00:51 +0000

Advanced technologies in Microsoft Defender ATP’s Antivirus exposed and defeated a widespread fileless campaign that completely “lived off the land” throughout a complex attack chain that run the info-stealing backdoor Astaroth directly in memory

The post Dismantling a fileless campaign: Microsoft Defender ATP’s Antivirus exposes Astaroth attack appeared first on Microsoft Security .

Microsoft Security

New machine learning model sifts through the good to unearth the bad in evasive malware

July 25, 2019 admin AI and machine learning, Antivirus, automation, cybersecurity, detection evasion, Endpoint security, LockerGoga, machine learning, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, monotonic models, next generation protection, Windows Defender Antivirus

Credit to Author: Eric Avena| Date: Thu, 25 Jul 2019 16:30:55 +0000

Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features. The magic is this: Attackers can’t evade a monotonic model by adding clean features. To evade a monotonic model, an attacker would have to remove malicious features.

The post New machine learning model sifts through the good to unearth the bad in evasive malware appeared first on Microsoft Security .