Tuesday, October 8, 2024
HomeAnti VirusMicrosoft 's New Tamper Protection in Defender ATP Lets block never-before seen...

Microsoft ‘s New Tamper Protection in Defender ATP Lets block never-before seen Malware within Seconds

Published on

Microsoft released a new future called Tamper protection in Microsoft Defender ATP to provide next-gen security to their users and block the advanced and never before seen malware within a seconds.

In order to expand the security in Microsoft anti-malware solution, Tamper protection provides an additional security future against improper modification in the apps by sophisticated malware.

Microsoft enabled this future in both home and enterprise users, in this case, Enterprise users directly manage in this future via Microsoft’s
Intune management portal.

- Advertisement - EHA
Tamper Protection

According to Microsoft, This feature builds on our previously announced Windows Defender Antivirus sandboxing capability and expands existing tamper protection strategies across Microsoft Defender Advanced Threat Protection.

Home users can have this future by default when Windows is installed and its automatically turn on when users upgrade the windows or enable the Cloud-delivered protection.

Enterprise customers can enable this future but only be managed from the Intune management console.

In this case, the local device admin users will not be able to change the setting due to the security concern to prevent locally override the setting by malicious apps or threat actors.

Tamper Protection

“Enabling this feature prevents others (including malicious apps) from changing important protection features such as:

  • Real-time protection, which is the core antimalware scanning feature of Microsoft Defender ATP next-gen protection and should rarely, if ever, be disabled
  • Cloud-delivered protection, which uses our cloud-based detection and prevention services to block never-before seen malware within seconds
  • IOAV, which handles the detection of suspicious files from the Internet
  • Behavior monitoring, which works with real-time protection to analyze and determine if active processes are behaving in a suspicious or malicious way and blocks them.

Users can test this future in any recent Windows Insider build released during March 2019 or later.

Learn: Complete Malware Analysis Course- Advance Malware Analyst Bundle

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Hackers Gained Unauthorized Network Access to Casio Networks

Casio Computer Co., Ltd. has confirmed that a third party illegally accessed its network...

Open-Source Scanner Released to Detect CUPS Vulnerability

A new open-source scanner has been released to detect a critical vulnerability in the...

Comcast Cyber Attack Impacts 237,000+ Users Personal Data

Comcast Cable Communications LLC has reported that over 237,000 users' data has been compromised....

American Water Works Cyber Attack Impacts IT Systems

American Water Works Company, Inc., a leading provider of water and wastewater services, announced...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Microsoft & DOJ Dismantles Hundreds of Websites Used by Russian Hackers

Microsoft and the U.S. Department of Justice (DOJ) have disrupted the operations of Star...

DCRAt Attacking Users Via HTML Smuggling To Steal Login Credentials

In a new campaign that is aimed at users who speak Russian, the modular...

LummaC2 Stealer Leverages Customized Control Flow Indirection For Execution

The LummaC2 obfuscator employs a novel control flow protection scheme designed specifically for its...