Thursday, March 28, 2024

Microsoft ‘s New Tamper Protection in Defender ATP Lets block never-before seen Malware within Seconds

Microsoft released a new future called Tamper protection in Microsoft Defender ATP to provide next-gen security to their users and block the advanced and never before seen malware within a seconds.

In order to expand the security in Microsoft anti-malware solution, Tamper protection provides an additional security future against improper modification in the apps by sophisticated malware.

Microsoft enabled this future in both home and enterprise users, in this case, Enterprise users directly manage in this future via Microsoft’s
Intune management portal.

Tamper Protection

According to Microsoft, This feature builds on our previously announced Windows Defender Antivirus sandboxing capability and expands existing tamper protection strategies across Microsoft Defender Advanced Threat Protection.

Home users can have this future by default when Windows is installed and its automatically turn on when users upgrade the windows or enable the Cloud-delivered protection.

Enterprise customers can enable this future but only be managed from the Intune management console.

In this case, the local device admin users will not be able to change the setting due to the security concern to prevent locally override the setting by malicious apps or threat actors.

Tamper Protection

“Enabling this feature prevents others (including malicious apps) from changing important protection features such as:

  • Real-time protection, which is the core antimalware scanning feature of Microsoft Defender ATP next-gen protection and should rarely, if ever, be disabled
  • Cloud-delivered protection, which uses our cloud-based detection and prevention services to block never-before seen malware within seconds
  • IOAV, which handles the detection of suspicious files from the Internet
  • Behavior monitoring, which works with real-time protection to analyze and determine if active processes are behaving in a suspicious or malicious way and blocks them.

Users can test this future in any recent Windows Insider build released during March 2019 or later.

Learn: Complete Malware Analysis Course- Advance Malware Analyst Bundle

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles