Monday, December 4, 2023

Microsoft ‘s New Tamper Protection in Defender ATP Lets block never-before seen Malware within Seconds

By Balaji

Microsoft released a new future called Tamper protection in Microsoft Defender ATP to provide next-gen security to their users and block the advanced and never before seen malware within a seconds.

In order to expand the security in Microsoft anti-malware solution, Tamper protection provides an additional security future against improper modification in the apps by sophisticated malware.

Microsoft enabled this future in both home and enterprise users, in this case, Enterprise users directly manage in this future via Microsoft’s
Intune management portal.

Tamper Protection

According to Microsoft, This feature builds on our previously announced Windows Defender Antivirus sandboxing capability and expands existing tamper protection strategies across Microsoft Defender Advanced Threat Protection.

Home users can have this future by default when Windows is installed and its automatically turn on when users upgrade the windows or enable the Cloud-delivered protection.

Enterprise customers can enable this future but only be managed from the Intune management console.

In this case, the local device admin users will not be able to change the setting due to the security concern to prevent locally override the setting by malicious apps or threat actors.

Tamper Protection

“Enabling this feature prevents others (including malicious apps) from changing important protection features such as:

  • Real-time protection, which is the core antimalware scanning feature of Microsoft Defender ATP next-gen protection and should rarely, if ever, be disabled
  • Cloud-delivered protection, which uses our cloud-based detection and prevention services to block never-before seen malware within seconds
  • IOAV, which handles the detection of suspicious files from the Internet
  • Behavior monitoring, which works with real-time protection to analyze and determine if active processes are behaving in a suspicious or malicious way and blocks them.

Users can test this future in any recent Windows Insider build released during March 2019 or later.

Learn: Complete Malware Analysis Course- Advance Malware Analyst Bundle

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Managed WAF Protection

Website

Latest articles

Chrome

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...
CVE/vulnerability

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...
Cyber Security News

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...
Cyber Security News

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...
CVE/vulnerability

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...
cyber security

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...
cryptocurrency

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Register Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

[email protected]