Detecting credential theft through memory access modelling with Microsoft Defender ATP

Credit to Author: Eric Avena | Date: Thu, 09 May 2019 17:29:45 +0000

Microsoft Defender ATP instruments memory-related function calls such as VirtualAlloc and VirtualProtect to catch in-memory attack techniques like reflective DLL loading. The same signals can also be used to generically detect malicious credential dumping activities performed by a wide range of different individual tools.

The post Detecting credential theft through memory access modelling with Microsoft Defender ATP appeared first on Microsoft Security.

Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets

Credit to Author: Windows Defender ATP | Date: Thu, 08 Nov 2018 18:08:13 +0000

Our analysis of a targeted attack that used a language-specific word processor shows why it's important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns. The attack exploited a vulnerability in InPage, a word processor for specific languages like Urdu, Persian, Pashto, and Arabic. More than 75% of

The post Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets appeared first on Microsoft Secure.

Cybercriminals Changing Tactics as Seen in First Half Report

Credit to Author: Jon Clay (Global Threat Communications) | Date: Tue, 28 Aug 2018 12:05:30 +0000

Today, Trend Micro released its first half 2018 security roundup report in which we want to share the threat intelligence we discovered through the Trend Micro™ Smart Protection Network™ that allows us to identify the threats that have targeted our customer base. Below are some thoughts I’d like to share with you about these trends…

The post Cybercriminals Changing Tactics as Seen in First Half Report appeared first on .
