PT-2021-3291 · Microsoft · Windows Defender
Name of the Vulnerable Software and Affected Versions: Windows Defender affected versions not specified Description: The issue is related to incorrect code generation management in Windows Defender, which is part of the Windows operating system. Exploitation of this issue may allow an attacker to...
Security Update for Windows Defender (June 2021)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is equal to or prior to 1.1.17800.5. It is, therefore, affected by multiple vulnerabilities. - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and...
Onelinepy - Python Obfuscator To Generate One-Liners And FUD Payloads
Python Obfuscator To Generate One-Liners And FUD Payloads. Download & Run: git clone https://github.com/spicesouls/onelinepy; cd onelinepy; chmod +x setup.sh; ./setup.sh; onelinepy. Usage Guide: usage: oneline.py -h -m M -i I...
Microsoft acquires ReFirm Labs to enhance IoT security
Modern computing devices can be thought of as a collection of discrete microprocessors each with a dedicated function like high-speed networking, graphics, Disk I/O, AI, and everything in between. The emergence of the intelligent edge has accelerated the number of these cloud-connected devices th...
Cybercriminals Hold $115,000-Prize Contest to Find New Cryptocurrency Hacks
A top Russian-language underground forum has been running a "contest" for the past month, calling on its community to submit "unorthodox" ways to conduct cryptocurrency attacks. The forum's administrator, in an announcement made on April 20, 2021, invited members to submit papers that assess the...
Dent - A Framework For Creating COM-based Bypasses Utilizing Vulnerabilities In Microsoft's WDAPT Sensors
More Information: If you want to learn more about the techniques utilized in this framework, please take a look at this article. Description: This framework generates code to exploit vulnerabilities in Microsoft Defender Advanced Threat Protection's Attack Surface Reduction (ASR) rules to execute...
HookDump - Security Product Hook Detection
EDR function hook dumping. Please refer to the Zeroperil blog post for more information: https://zeroperil.co.uk/hookdump/ Building source: In order to build this you will need Visual Studio 2019 (community edition is fine) and CMake. The batch file Configure.bat will create two build directories with...
New sophisticated email-based attack from NOBELIUM
Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other related components. The campaign, initially observed and...
Microsoft is a Leader in the 2021 Forrester Endpoint Security Software as a Service Wave
We are excited to share that Microsoft has been named a Leader in The Forrester Wave: Endpoint Security Software as a Service, Q2 2021, receiving one of the highest scores in the strategy category and among the top three scores in the current offering category. Forrester notes that “the focus on...
Charlotte - C++ Fully Undetected Shellcode Launcher
c++ fully undetected shellcode launcher ; releasing this to celebrate the birth of my newborn description 13/05/2021: 1. c++ shellcode launcher, fully undetected 0/26 as of 13th May 2021. 2. dynamic invoking of win32 api functions 3. XOR encryption of shellcode and function names 4. randomised XO...
Email Campaign Spreads StrRAT Fake-Ransomware RAT
An email campaign is delivering a Java-based remote access trojan (RAT) that can not only steal credentials and take control of systems, but also presents as fake ransomware, Microsoft researchers have discovered. The Microsoft Security Intelligence (MSI) team has outlined details of a “massive email...
SimuLand: Understand adversary tradecraft and improve detection strategies
At Microsoft, we continuously collaborate with customers and the InfoSec community to learn more about the latest adversary tradecraft so that we can improve our detection strategies across all our security services. Even though those detections are already built into our products, and protecting...
Mitigate OT security threats with these best practices
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Chris Sistrunk, Technical Manager in...
Threat and Vulnerability Management now supports all major platforms
We are swiftly adapting to the lasting reality of a hybrid workforce, with the number of remote workers in the US expected to nearly double over the next five years, compared to pre-pandemic times. As a result, security teams are being challenged to rethink how to secure a growing and increasingl...
Gartner names Microsoft a Leader in the 2021 Endpoint Protection Platforms Magic Quadrant
Our mission to empower defenders and protect and secure organizations has never been more important to us. Over the last year, our customers have faced unpredictable challenges and nearly overnight have had to quickly adapt in the face of a new hybrid work environment, evolving sophistication and...
Ryuk Ransomware Attack Sprung by Frugal Student
A European biomolecular research institute involved in COVID-19 research lost a week’s worth of research data, all thanks to a Ryuk ransomware attack traced back to a student trying to save money by buying unlicensed software. Security researchers at Sophos described the attack in a report...
Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave
Today, organizations face an evolving threat landscape and an exponentially increasing attack surface. Email represents the primary attack vector for cybercrime, and security teams are in search of efficient and cost-effective means to minimize the risk of these threats and the impact they have o...