Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign

Update: Further analysis of this campaign points to a poisoned update for a peer-to-peer P2P application. For more information, read Poisoned peer-to-peer app kicked off Dofoil coin miner outbreak. Just before noon on March 6 PST, Windows Defender Antivirus blocked more than 80,000 instances of...

How Office 365 protects your organization from modern phishing campaigns

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. We often allude to the benefits of having an integrated threat protection stack in Office 365. Today we wanted to take the opportunity to walk you through how the combined features and services in the...

Extracting Secrets from Machine Learning Systems

This is fascinating research about how the underlying training data for a machine-learning system can be inadvertently exposed. Basically, if a machine-learning system trains on a dataset that contains secret information, in some cases an attacker can query the system to extract that secret...

FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

Office 365 Advanced Threat Protection Office 365 ATP blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM. This threat actor is remarkable for two reasons: Its access to sophisticated zero-day exploits for Microsoft and Adobe software Its use of...

This Week in Security News: Senate Hearings and Equifax Breaches

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, leaders of six security agencies testified before the Senate Intelligence Committee, the Equifax hack grew in severity, and hackers used the...

How artificial intelligence stopped an Emotet outbreak

At 12:46 a.m. local time on February 3, a Windows 7 Pro customer in North Carolina became the first would-be victim of a new malware attack campaign for Trojan:Win32/Emotet. In the next 30 minutes, the campaign tried to attack over a thousand potential victims, all of whom were instantly and...

How artificial intelligence stopped an Emotet outbreak

At 12:46 a.m. local time on February 3, a Windows 7 Pro customer in North Carolina became the first would-be victim of a new malware attack campaign for Trojan:Win32/Emotet. In the next 30 minutes, the campaign tried to attack over a thousand potential victims, all of whom were instantly and...

How Hackers Are Leveraging Machine Learning

For business executives and internal information security specialists, it seems that every day brings a new potential risk to the company - and in the current threat environment, it isn't hard to understand this viewpoint. Sophisticated cybercriminals are continually on the lookout for the next b...

Examining & Evaluating Security Before a “Pressure Event” is Critical…Especially on a Hot Summer Day

There are countless parallels between cyber and physical security. I often use physical security to explain cyber to the uninitiated. The thick walls, soundproofed vents, locks and codes and even the key on the door to Robert Hanssen’s SCIF are mirrored by the malware detectors, firewalls next-ge...

GDPR and Breach Detection: How to Ask the Right Questions to Meet the GDPR Breach Notification Rule

It is now less than four months before the General Data Protection Regulation GDPR becomes effective. This new data regulation of the European Union is designed to provide individuals with rights and protections over their personal data collected by business around the world. It aims to unify dat...

Trend Micro Named a Leader in Gartner Magic Quadrant for Endpoint Protection Platforms

The endpoint security market is quite dynamic right now, with lots of new entrants, and ongoing innovation for improving threat detection and response. In the midst of all this market energy we are very pleased to be named a Leader in Gartner’s 2018 Magic Quadrant for Endpoint Protection Platform...

Twebit - Bitcoin Analysis in Twitter With Machine Learning

Bitcoin analysis with machine learning. How it works? 1- Get tweets from twitter. 2- Filter tweets. 3- Tweet classification with naive bayes algorithm Positive,negative and neut. Installation git clone https://github.com/omergunal/twebit cd twebit pip3 install -r requirements.txt Update your api...

Chronicle: A Meteor Aimed At Planet Threat Intel?

Alphabet Inc., the parent company of Google, said today it is in the process of rolling out a new service designed to help companies more quickly make sense of and act on the mountains of threat data produced each day by cybersecurity tools. Countless organizations rely on a hodgepodge of securit...

Windows Defender ATP の機械学習と Antimalware Scan Interface: スクリプトを悪用した「環境寄生型」攻撃の検出

本記事は、Microsoft Secure のブログ “Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’”...

Application fuzzing in the era of Machine Learning and AI

Proactively testing software for bugs is not new. The earliest examples date back to the 1950s with the term fuzzing. Fuzzing as we now refer to it is the injection of random inputs and commands into applications. It made its debut quite literally on a dark and stormy night in 1988. Since then,...

Windows Defender Advanced Threat Protection の機械学習: 未知の侵入アクティビティの検出

本記事は、Windows Security のブログ “Windows Defender ATP machine learning: Detecting new and unusual breach activity” 2017 年 8 月 3 日 米...

Advance Android Malware Analysis Framework: Droidefense

Droidefense originally named atom: analysis through observation machine is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has...

OpenCV: Multiple vulnerabilities

Background OpenCV Open Source Computer Vision Library is an open source computer vision and machine learning software library. Description Multiple vulnerabilities have been discovered in OpenCV. Please review the referenced CVE identifiers for details. Impact An attacker can cause a denial of...

Women in Tech and Career Spotlight: Shiri Margel

This month we’ll be closing out our series featuring women in tech at Imperva. While I work closely with many of the women we’ve spotlighted, I’ve found learning more about their backgrounds so interesting—I hope you have too! Continuing in the series, I spoke with Shiri Margel, team lead in the...

Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses

Windows Defender Antivirus uses a layered approach to protection: tiers of advanced automation and machine learning models evaluate files in order to reach a verdict on suspected malware. While Windows Defender AV detects a vast majority of new malware files at first sight, we always strive to...