#MicrosoftDefender for #Office365 now blocks #EmailBombing attacks

https://www.bleepingcomputer.com/news/security/microsoft-defender-for-office-365-now-blocks-email-bombing-attacks/

Microsoft introduces protection against email bombing https://www.helpnetsecurity.com/2025/07/01/microsoft-introduces-protection-against-email-bombing/ #MicrosoftDefender #socialengineering #Don'tmiss #Microsoft #Hotstuff #email #News #spam

Die #Top5 diese Woche im Blog:
Datenaustausch zwischen Windows und Android ohne Umweg: https://blog.clickomania.ch/2025/05/26/smartphone-link-windows-explorer-android-dateizugriff/
#MinionRush: Wie man bei Handy-Spielen kein Geld rauswirft: https://blog.clickomania.ch/2025/05/27/minion-rush-big-update-implications/
#MicrosoftDefender: Ein Sicherheits-Feigenblatt von Microsoft: https://blog.clickomania.ch/2025/05/29/microsoft-defender-app-review/
#Blogwerk: Wo früher Blogs darbten, blüht heute ein Milliardenbusiness: https://blog.clickomania.ch/2025/05/30/google-views-likes-abonnenten-kaufen/
Warum es sich lohnt, KI-Auskünfte zu dokumentieren: https://blog.clickomania.ch/2025/05/28/website-full-length-screenshots/ #clickomaniach

#MicrosoftDefender soll Android-Telefone und das iPhone schützen. Ist das nötig und funktioniert es überhaupt? Das Fazit nach dem Test: Nutzen fragwürdig, bei gewissen Risiken. https://blog.clickomania.ch/2025/05/29/microsoft-defender-app-review/ #clickomaniach

Dieser Artikel ist sicherlich schon anderthalb Jahre alt - zu erkennen daran, dass #Windows7 und 8.1 erwähnt werden - für #Windows10 und 11 aber sicherlich noch gültig.
Ansonsten: Desinfec't von heise nutzen

#MicrosoftDefender Offline-Scan gegen Rootkits - pctipp.ch https://www.pctipp.ch/praxis/sicherheit/microsoft-defender-offline-scan-rootkits-2838946.html #Malware #Rootkit #Microsoft #Windows #Windows11

I'd like to change a password of a local account on Windows 10.

Can #chntpw still do the job in 2025 (with #SAM)?

I have read that Windows Defender blocks some changes like #sethc, #utilman and so on ...

RGB software is unfortunately based on unsupported and disavowed software.

Yes, the XKCD cartoon is referenced.

#rgb #software #MicrosoftDefender #CVE

https://youtu.be/H_O5JtBqODA

Microsofts #Defender-#VPN: Kaum angekündigt, schon Geschichte | Security https://www.heise.de/news/Microsofts-Defender-VPN-Kaum-angekuendigt-schon-Geschichte-10267366.html #Microsoft #MicrosoftDefender #EndOfLife #EoL

Frage in die Runde:
Hat jemand von euch (oder kennt jemanden) in den letzten Jahren eine Endpoint Protection oder ein EDR in der Firma eingeführt (z.B. Jamf Protect, Microsoft Defender for Business o.ä.)?

Wie lange hat das ca. gedauert (inkl. datenschutzrechtlichen und IT-Sicherheitsabklärungen)?

Wäre um ein paar Erfahrungswerte aus der Schweiz und dem EU-Raum dankbar

We’re excited to announce our new integration with Microsoft Defender for Endpoint and Microsoft Defender Vulnerability Management. This means SOC teams can now streamline incident response, reduce alert fatigue, and focus on what really matters: high-priority risks.

With real-time enrichment from Corelight and Defender, teams can:
Prioritize alerts based on real-time environmental risks
Gain deeper visibility into all devices, even unmanaged ones
Speed up investigations and remediation

As Todd Wingler, Corelight Vice President, Global Alliances and Channels, puts it "Corelight is now the only NDR vendor providing real-time enrichment with data from the top three EDR vendors, enabling our customers to conduct more streamlined investigations resulting in quicker remediation."

Discover how this integration enhances your SOC: https://corelight.com/company/newsroom/news/corelight-enhances-network-visibility-and-detection-coverage-with-insights-from-microsoft-defender?utm_source=mstdn&utm_medium=organic-social&utm_campaign=press-release&utm_adgroup=microsoft-defender&utm_content=SSI

I'm using #Unattended to keep my #Ubuntu #server up to date. Today I noticed that the #microsoftdefender agent was not being updated. To include it, edit the file /etc/apt/apt.conf.d/50unattended-upgrades and add the following inside the brackets Unattended-Upgrade::Allowed-Origins:

"microsoft-ubuntu-${distro_codename}-prod ${distro_codename}:${distro_codename}";

The line is distribution codename agnostic.

Best Antivirus Software for Small Businesses in 2024 – Source: www.techrepublic.com https://ciso2ciso.com/best-antivirus-software-for-small-businesses-in-2024-source-www-techrepublic-com/ #rssfeedpostgeneratorecho #SecurityonTechRepublic #SecurityTechRepublic #antivirussoftware #CyberSecurityNews #MicrosoftDefender #CloudSecurity #smallbusiness #GravityZone #TopProducts #TrendMicro #Security #Norton #avira #eset

With a rise in Adversary in the Middle (AiTM) phishing, we've seen attackers leverage trusted compromised accounts to launch multi-stage attacks and follow-on BEC activity. Too often, investigations end with "If only this data had been available!"

We are kicking off our 3-part series on handling Business Email Compromise (BEC) incidents in Microsoft 365! In Part 1, Rachel dives into the key artefacts for investigating a BEC in M365 and where to find them.

https://www.pentestpartners.com/security-blog/bec-ware-the-phish-part-1-investigating-incidents-in-m365/

This includes:

Why enabling Unified Audit Logging is essential for tracking attackers.

How to use Purview Content Search to analyse compromised mailboxes.

Pro tips for using Defender's Advanced Hunting to quickly scope the scale of an attack.

Stay tuned for more actionable insights in Parts 2 & 3!

#CyberSecurity #BusinessEmailCompromise #M365 #IncidentResponse
#MicrosoftDefender #EmailSecurity #DigitalForensics #DataRetention #ThreatHunting #CloudForensics

Microsoft Plant Überarbeitung der Windows-Sicherheit nach CrowdStrike-Ausfall
Microsoft verstärkt seine Pläne, Windows widerstandsfähiger gegen fehlerhafte Software zu machen, nachdem ein missglücktes
https://www.apfeltalk.de/magazin/news/microsoft-plant-ueberarbeitung-der-windows-sicherheit-nach-crowdstrike-ausfall/
#News #Tellerrand #CrowdStrike #Cybersicherheit #Cybersicherheitsgipfel #Kernel #KernelZugriff #Microsoft #MicrosoftDefender #Sicherheitslcken #Sicherheitssoftware #Windows

Comprehensive guidance for the Defender community on MDE's capabilities so you know exactly what's available

The v6 update has 15 changes, including:

• New ASR capabilities
• New Defender antivirus capabilities
• New device response actions
• Much more!

Ultimate Comparison of Defender for Endpoint Features by OS - Ru Campbell MVP
https://campbell.scot/feb-2024-ultimate-comparison-of-defender-for-endpoint-features-by-os/

#Verpasstodon

Microsoft Defender: Der Erkennung mit Komma entgehen

Ein IT-Forscher hat entdeckt, dass sich die Erkennung des Microsoft Defenders mit einem Komma austricksen lässt.

https://www.heise.de/news/Microsoft-Defender-Der-Erkennung-mit-Komma-entgehen-9625770.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#Microsoft Defender: Der Erkennung mit Komma entgehen | Security https://www.heise.de/news/Microsoft-Defender-Der-Erkennung-mit-Komma-entgehen-9625770.html #MicrosoftDefender

Security Tech Accelerator - On-demand Recordings mow available!

The Security, Compliance, and Identity Tech Community hosted a virtual "Tech Accelerator", an event consisting of over 12 deep dives & live AMAs for you to engage with Microsoft Product Experts and ask questions.

Event | Microsoft Security Tech Accelerator - December 6, 2023
https://techcommunity.microsoft.com/t5/tech-community-live/microsoft-security-tech-accelerator/ev-p/3968748#M20

Sneak Peek at my upcoming "Hands-On KQL for Security Analysts" Course!
Preview lessons are now live! Plus, a #BlackFriday discount is on the horizon!

Check the preview: https://academy.bluraven.io/hands-on-kusto-query-language-kql-for-security-analysts
#KQL #MicrosoftDefender #MicrosoftSentinel #Training

@nieldk on bypassing Microsoft Defender at #BSidesKbh #microsoft #defender #microsoftdefender