In social engineering attacks, is less really more? A new malware campaign puts that to the test by targeting home users and small businesses in specific US cities. This was a focused, highly localized attack that aimed to steal sensitive info from just under 200 targets. Macro-laced documents masqueraded as statements from legitimate businesses.
Hawkeye Keylogger is an info-stealing malware that’s being sold as malware-as-a-service. Over the years, the malware authors behind Hawkeye have improved the malware service, adding new capabilities and techniques.
Beyond customer education, the scale and complexity of tech support scams require cooperation and broad partnerships across the industry. Given the scale and complexity of tech support scams, how can the security industry at large work together to deal a major blow to this enduring threat?
Dofoil is a sophisticated threat that attempted to install coin miner malware on hundreds of thousands of computers in March, 2018.
On March 7, we reported that a massive Dofoil campaign attempted to install malicious cryptocurrency miners on hundreds of thousands of computers. Windows Defender Antivirus, with its behavior monitoring, machine learning technologies, and layered approach to security detected and blocked the attack within milliseconds.
The surge in Bitcoin prices has driven widescale interest in cryptocurrencies. While the future of digital currencies is uncertain, they are shaking up the cybersecurity landscape as they continue to influence the intent and nature of attacks.
Update: Further analysis of this campaign points to a poisoned update for a peer-to-peer (P2P) application. For more information, read Poisoned peer-to-peer app kicked off Dofoil coin miner outbreak. To detect and respond to Dofoil in corporate networks, read Hunting down Dofoil with Windows Defender ATP.
Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM.
Protecting the modern workplace from a wide range of undesirable softwareOur evaluation criteria describe the characteristics and behavior of malware and potentially unwanted applications and guide the proper identification of threats. Learn how we classify malicious software, unwanted software, and potentially unwanted applications. Read the blog post.
Attackers are determined to circumvent security defenses using increasingly sophisticated techniques. Fileless malware boosts the stealth and effectiveness of an attack.
There are tools available that can ease kick-off activities for CISOs, CIOs, and DPOs. These tools can help them better understand their GDPR compliance, including which areas are most important to be improved.
Windows Defender Antivirus uses a layered approach to protection: tiers of advanced automation and machine learning models evaluate files in order to reach a verdict on suspected malware.
