Microsoft Defender for Endpoint now comes with a new troubleshooting mode to help Windows administrators test Microsoft Defender Antivirus performance and run compatibility scripts without blocking intrusion protection.

The new antivirus mode is in early access and allows administrators to disable or change tamper protection settings when diagnosing applications or troubleshooting. The feature is only available for enterprises and is disabled by default. The service requires access to Microsoft 365 Defender.

Let me remind you that we also wrote that Windows Defender creates thousands of files in Windows 10 due to a bug, and also that Microsoft Defender for Endpoint and [...]

Due to the continuing global shortage of chips, Canon is in a rather curious situation and is sending out instructions to customers on how to bypass the protection of their own cartridges.

It is difficult for a company to obtain the necessary components for their ink cartridges that validate their legitimacy for their printers.

Therefore, Canon printers often do not recognize genuine cartridges and consider them to be counterfeit, and the company has to explain to customers how they can bypass its own security system.

Semiconductor shortage leads to Canon selling toner cartridges without chips which usually identify them as genuine, so Canon now instructs customers on how [...]

The media reports that Microsoft Defender for Log4j problems is showing false warnings about some kind of “sensor hack” associated with the recently deployed Microsoft 365 Defender scanner for Log4j processes.

According to Bleeping Computer, such warnings mostly appear on Windows Server 2016 systems and says: “Microsoft Defender for Endpoint has detected possible sensor tampering with memory.” These warnings apply to the OpenHandleCollector.exe process.

Microsoft representatives have already told outraged administrators that there is really nothing to worry about, as these are false positives. It is known that at the present time the [...]

Microsoft has launched a special portal through which users and information security researchers can report malicious and suspicious drivers.

The new Vulnerable and Malicious Driver Reporting Center is essentially a web form that allows users to download a copy of a suspicious driver, which will then be analysed by Microsoft’s automated scanner.

The fact is that in recent years, malicious drivers are increasingly used by major APTs and other cybercriminals. Most often, cybercriminals abuse vulnerabilities in old and unpatched drivers, or even deliberately downgrade and install older drivers into the system (for example, to gain administrator rights on a compromised [...]

Microsoft confirmed the existence of a new bug affecting Windows Serve-based devices due to which Microsoft Defender for Endpoint doesn’t start. The problem prevents the launch of a security solution from Kaspersky.

Endpoint Security Platform (formerly known as Microsoft Defender Advanced Threat Protection or Defender ATP) may not launch on devices with Windows Server Core installed. The issue is known to only affect devices with KB5007206 on Windows Server 2019 and KB5007205 on Windows Server 2022.

“After installing KB5007205 (or later updates), Microsoft Defender for Endpoint may not start on devices with Windows Server Core installed.”reported in company.

It is [...]

Microsoft cybersecurity specialist shared some interesting statistics: most cybercriminals prefer to brute-force passwords no longer than 7 characters, and only a small percentage of attacks target long passwords containing special characters.

The researcher collected statistics for this analysis from numerous honeypot servers, which he manages on duty, studying the trends among attackers:

I analyzed the credentials used in over 25,000,000 brute-force attacks on SSH. In 77% of cases, brute force was directed to passwords from 1 to 7 characters. A password longer than 10 characters was encountered only in 6% of cases.Ross Bevington, a Microsoft expert, told the company.

The [...]

Autodesk representatives notified the US Securities and Exchange Commission that they also suffered from large-scale supply chain attack and hack of SolarWinds.

It turned out that one of the company’s servers was infected with Sunburst malware.

We identified a compromised SolarWinds server and took immediate steps to contain and eliminate the threat. While we believe that Autodesk’s customer operations and products were not affected by this attack, other similar attacks could have a significant negative impact on our systems and operations.the company said in a statement.

An Autodesk spokesman told Bleeping Computer that the attackers did not deploy any malware on [...]

Microsoft discovered new attacks by the Nobelium hack group that is responsible for the high-profile SolarWinds hack last year, one of the victims was Microsoft customer support employee.

Let me remind you that the SolarWinds hack has become one of the largest attacks on the supply chain in history. In December 2020, it became known that unknown attackers had attacked the company and infected its Orion platform with malware. Of the 300,000 SolarWinds customers, only 33,000 were using Orion, and at the beginning of the year, it was reported that an infected version of the platform was installed on approximately 18,000 customers, according to official figures.

As a result of [...]

Last week, representatives of the Texas-based company SolarWinds, which in 2020 suffered from a massive attack on the supply chain, filed documents with the US Securities and Exchange Commission.

The statement said that based on new information that emerged during the investigation of the attack (in particular, the DNS traffic logs), it became clear that the incident affected not 18,000 clients, as previously thought, but only about 100.

Let me remind you that the SolarWinds hack has become one of the largest attacks on the supply chain in history. In December 2020, it became known that unknown attackers had attacked the company and infected its Orion platform with malware. Of [...]

If you use the Windows 10 operating system together with the built-in Microsoft Defender antivirus, you may encounter a bug that creates thousands of service files.

On affected devices, Microsoft Defender places thousands of files in the directory: C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store

For example, on a test system running Windows 10, version 20H2, there were more than 10,800 objects in this folder. Other users report that in just 24 hours, Microsoft Defender created over 950,000 files, taking up over 30 gigabytes of disk space. Most files are small: 1 or 2 kilobytes.

The error can affect certain operations, such as sync or backup jobs. [...]