-
It is worse than I’ve thought initially!
If you simply rename your malicious .exe file to msiexec.exe its files will be excluded from realtime scanning. REALLY #WindowsDefender? Simple C# dropper and the eicar-based PoC instruction: https://github.com/gtworek/PSBits/tree/master/WinDefend … -
A story about #WindowsDefender's Tamper Protection feature
Microsoft introduced Tamper Protection in Windows 10 1903, an excellent feature that prevents malware, users, and even administrators from disabling Windows Defender. https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection … -
*cue sandstorm by darude*
#WindowsDefender #Windows10 #SCCM #Intune #Malware pic.twitter.com/4uzCrpqU3p -
#Office #Macro's! Always a problem for #ITSec! Learn how you can improve security in your environment. #Microsoft #office365 #windows10 #TrustCenter #GPO #MDATP #WindowsDefender #OfficeATP #wpninjas #empowercustomers #mvpbuzz #microsoftsecurity https://www.wpninjas.ch/2020/01/defense-in-depth-on-an-example-office-macro-protection/ … pic.twitter.com/syhN2dBenV
-
Now available in Preview: Firewall rules in #Intune - Use a device profile - Endpoint Protection to deploy your Firewall rules #EMS #Windows10 #WindowsDefender pic.twitter.com/XM4f3vBO6N
-
Automation with Microsoft Flow and Microsoft Defender ATP is now possible. https://blog.ahasayen.com/ms-flow-and-ms-defender-atp-integration/ … @WindowsATP
#Flow #MSFlow #MicrosoftFlow #MDATP #WDATP #MicrosoftATP #WindowsATP #WindowsDefender #Automation #Microsoft #Azure #Office365 #Microsoft365 #Webcast #Demo #Webinar -
Good article on how to protect against #macro based threats https://www.ncsc.gov.uk/guidance/macro-security-for-microsoft-office … #Office #EndpointSecurity #Windows #WIndowsDefender #ASR #ExploitGuard -
Tip of the day I guess. Configuring Windows Defender Exploit Guard Settings. Make sure "EXE" is lowercase when white listing an executable in Controlled Folder Access Apps. kthanxbi
#SCCM #ConfigMGR #ControlledFolderAccess #WindowsDefender pic.twitter.com/Y5prCF094e
-
How to manage the Microsoft Antimalware Extension by the Azure Portal, the Azure Security Center and PowerShell for Multi VMs by Resource Groups or Tags.
#az #windowsdefender #microsoftantimalware #antimalware #powershell #azure #microsoft #automation https://www.e-apostolidis.gr/microsoft/azure/azure-vm-antimalware-extension-management/ … -
Take action and sign up for the #CMCE event organized by @mirkocolemberg in #Zürich. All about #Microsoft #ModernWorkplace in 3 session tracks: - #DeviceManagement / #SCCM - #ModernManagement / #M365 - #DeviceSecurity / #ATP & #WindowsDefender http://configmgr.ch/cmce-1908-wow-what-a-line-up/ … pic.twitter.com/jpGVxcTolU
-
Application whitelisting: Software Restriction Policies vs. AppLocker vs. #Windows Defender Application Control #WindowsDefender #AppLocker by @4sysops https://4sysops.com/archives/application-whitelisting-software-restriction-policies-vs-applocker-vs-windows-defender-application-control/ … pic.twitter.com/Ju5w8vldfh
-
#WindowsDefender skips files dropped by msiexec.exe. Should I tell you more?
MSI-wrapped #Mimikatz and do-it-at-home WiX file: https://github.com/gtworek/PSBits/tree/master/MSI_Payload … -
Good reading on how #WDATP helped to solve cyber issues in higher edu. Proud to see how our product helps. Loved to work with the guys at #sdu #windowsdefender https://customers.microsoft.com/en-us/story/university-southern-denmark-higher-education-enterprise-mobility-security … -
Bypassing Windows Defender: One TCP Socket Away From Meterpreter and Beacon Sessions https://ired.team/offensive-security/bypassing-windows-defender-one-tcp-socket-away-from-meterpreter-and-cobalt-strike-beacon …
#windowsdefender #avbypass #evasion #windowssecurity pic.twitter.com/Ok0XWOikIF
-
What's new in #MSIntune - Week of May 13, 2019 - #PowerShell scripts to run with the user’s admin privileges - Check for a #TPM chipset in a #Windows10 device compliance policy - Advanced settings for #WindowsDefender #Firewall - ESP is final and more
http://aka.ms/intunenew -
[New Blogpost] Windows Defender, More than just Antivirus – Part 1 https://www.verboon.info/2019/10/windows-defender-more-than-just-antivirus-part-1/ …
#Defender #WindowsDefender #MicrosoftDefender #Security -
Have you seen the major enhancements in Windows Defender Application Control with the Windows 10 May 2019 Update?
#Windows10 #Security #WindowsDefender #WDAG https://www.microsoft.com/security/blog/2019/07/01/delivering-major-enhancements-in-windows-defender-application-control-with-the-windows-10-may-2019-update/ … -
Make Google Chrome more secure with Windows Defender Browser Protection.
#WindowsDefender #Windows10 #Chrome https://blogs.technet.microsoft.com/yongrhee/2019/03/11/make-google-chrome-more-secure-with-windows-defender-browser-protection/ … -
-
Who said that Defender killed #vba? A macro enabled document I used recently, which gives the attacker a reverse cmd shell and/or cobalt strike. https://www.youtube.com/watch?v=uTZNJqPahO8 … #evasion #amsi #bypass #amsibypass #cybersecurity #informationsecurity #antivirus #redteam #windowsdefender