Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

In the first six months of 2017, ransomware threats reached new levels of sophistication. The same period also saw the reversal of a six-month downward trend in ransomware encounters. New ransomware code was released at a higher rate with increasing complexity. Two high-profile ransomware incidents brought cybersecurity to the forefront of mainstream conversations as the…


Links in phishing-like emails lead to tech support scam

Tech support scams continue to evolve, with scammers exploring more ways to reach potential victims. Recently, we have observed spam campaigns distributing links that lead to tech support scam websites. Anti-spam filters in Microsoft Exchange Online Protection (EOP) for Office 365 and in Outlook.com blocked the said emails because they bore characteristics of phishing emails….

7

Windows Defender Antivirus cloud protection service: Advanced real-time defense against never-before-seen malware

For cybercriminals, speed is the name of the game. It takes newly released malware an average of just four hours to achieve its goal—steal financial information, extort money, or cause widespread damage. In a recent report, the Federal Trade Commission (FTC) said that cybercriminals will use hacked or stolen information within nine minutes of posting in…

19

Windows 10 platform resilience against the Petya ransomware attack

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   The Petya ransomware attack on June 27, 2017 (which we analyzed in-depth in this blog) may have been perceived as an outbreak worse than last month’s WannaCrypt (also known as WannaCry) attack. After all, it…

3

What’s new in Windows Defender ATP Fall Creators Update

When we introduced Windows Defender Advanced Threat Protection (Windows Defender ATP), our initial focus was to reduce the time it takes companies to detect, investigate, and respond to advanced attacks. The Windows Fall Creators Update represents a new chapter in our product evolution as we offer a set of new prevention capabilities designed to stop…

5

Understanding the true size of “Fireball”

Keeping tabs on the movement of cybersecurity threats, understanding the size and scope of attacks, and disrupting cybercriminal campaigns through next-gen technologies are fundamental parts of our day-to-day work at Microsoft Windows Defender Research. So when recent reports of the “Fireball” cybersecurity threat operation were presented as a new discovery, our teams knew differently because…

0

Partnering with the AV ecosystem to protect our Windows 10 customers

On Friday May 12th, and for several days afterwards, more than a quarter-million computers around the world fell victim to the ransomware known as WannaCrypt or WannaCry. As that recent event has shown, malicious actors bring nearly boundless time and skill to commit cybercrime that can cause harm to millions of people. That is why…

4

MSRT June 2017: Removing sneaky Xiazai

In the June release of the Microsoft Malicious Software Removal Tool (MSRT), we’re adding Xiazai, a widespread family of browser modifiers that we have blocked and removed from millions of computers since 2015. Xiazai is a software bundler that can sneak in additional changes. Xiazai does not install itself or make autostart registry entries, but…

1

Antivirus evolved

Some say antivirus is an outdated technology. What does “antivirus” even mean? For us, antivirus is the most commonly recognized term that means for customers “a product that stops bad programs from infecting my device.” Saying “antivirus” is similar to when you hear a Southerner (like myself) say “Coke” when referring to a carbonated beverage….

2