windows defender advanced threat protection

At the beginning of the year, Microsoft revealed that over 200 million devices were running Windows 10, including 22 million in the enterprise and education sectors. The new operating system won a big vote of confidence last month from the US Department of Defense, which has committed to upgrading 4 million of its machines to Windows 10 within the next year, and as more large organizations put their trust in the OS, Microsoft is keen to ensure that it remains its "most secure platform ever".

As Microsoft explained today, organizations are continuing to face significant threats from cyberattacks:

Even with the best defense, sophisticated attackers are using social engineering and zero-day vulnerabilities to break in to corporate networks. Thousands of such attacks were reported in 2015 alone. We’ve found it currently takes an enterprise more than 200 days to detect a security breach and 80 days to contain it. During this time, attackers can wreak havoc on a corporate network, stealing data, breaching privacy, and destroying the trust of customers. These attacks are incredibly expensive, costing organizations an average of $12 million per incident with broader impact to a company’s reputation.

With this in mind, Microsoft has announced Windows Defender Advanced Threat Protection (ATP), a new service which it says "will help detect threats that have made it past other defenses, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations."

Building on security features integrated into Windows 10, ATP harnesses the power of the cloud, going beyond simple scans for known malware, by attempting to identify unusual behavior and activities across corporate systems and networks that may be indicative of an attack. Microsoft says that its intelligent security graph "provides big-data security analytics that look across aggregate behaviors to identify anomalies - informed by anonymous information from over 1 billion Windows devices, 2.5 trillion indexed URLs on the Web, 600 million reputation look-ups online, and over 1 million suspicious files detonated every day."

android marshmallow

Android users are being warned about a new strain of malware called Mazar Bot that is hitting smartphones, giving attackers full administrative rights to monitor and control nearly every aspect of the phone.

The manipulative and persistent piece of malware, found to be in active use by researchers at Heimdal Security, takes hold via a malware-ridden SMS/MMS message that, once clicked, spreads a torrent of alarming exploits such as sending malicious text messages, anonymously accessing the web, putting the phone into sleep mode and even fully erasing all content from the device.


sbwarnblur

Google has recently announced plans to start cracking down on websites that display deceptive ads. The company will begin warning users with a message stating "deceptive site ahead" once they click on an ad it suspects contains "social engineered" content.

The company aims to lessen this significantly through its updated social engineering policy. The policy lists examples of deceptive social engineered ads, including ones that:

  • Pretend to act, or look and feel, like a trusted entity — like your own device or browser, or the website itself.
  • Try to trick you into doing something you’d only do for a trusted entity — like sharing a password or calling tech support.

These ads, like the images on the right, may come in the form of an alleged "download button," usually stating that a plugin needs to be installed in order for content on the website to be used. Another type of deceitful ad states that a user's system is outdated and that they should click on the illusory message box to keep their computer updated. Lastly, one of the most common tricks is an ad disguised as a download/play button for a streaming website.

hacker story

A 26-year-old hacker has been sentenced to 334 years in prison for identity theft as well as mass bank fraud in Turkey, or in simple words, he has been sentenced to life in prison.

Named Onur Kopçak, the hacker was arrested in 2013 for operating a phishing website that impersonated a bank site, tricking victims into providing their bank details, including credit card information.

Win32 Dorkbot

Discovered in 2011, the Win32/Dorkbot malware has spread to over a million Windows PCs worldwide. During the last six months alone it had been infecting over 100,000 machines a month. Microsoft announced on Wednesday they had teamed up to enact a coordinated malware eradication campaign to disrupt the botnet.

The malware has been spread via a number of routes, including USB drives, IM clients, social networks, email and drive-by downloads. Its primary aim was to steal online user credentials and any information that can personally identify you. It is also able to install yet more malware on your PC from command and control servers.