Dark Reading

Windows Defender-Pretender Attack Dismantles Flagship Microsoft EDR

BLACK HAT USA – Las Vegas – Wednesday, Aug. 9: Among the 97 CVEs that Microsoft patched in April 2023 was a security feature bypass vulnerability that allows an unprivileged user to hijack Windows ...
Bleeping Computer

Microsoft Defender will soon block Windows password theft

Microsoft is enabling a Microsoft Defender 'Attack Surface Reduction' security rule by default to block hackers' attempts to steal Windows credentials from the LSASS process. When threat actors ...
TWCN Tech News

How to add a File type or Process Exclusion to Windows Security

Is a file or process being blocked by Windows Defender on Windows 11/10? You can add a file type or process exclusion to Windows Security via GPEDIT or Settings. While Windows Security does a great ...
Bleeping Computer

New EDR-Freeze tool uses Windows WER to suspend security software

Immediately open WerFaultSecure (PROCESS_SUSPEND_RESUME) and call NtSuspendProcess to freeze the dumper. The researcher also published a tool that performs these actions, and tested it on Windows 11 ...
TWCN Tech News

WinDefThreatsView tool lets you set default actions for Windows Defender threats

WinDefThreatsView is a handy tool designed to show all threats on your PC under a single window and take the desired action to fix them. If you rely on Windows Defender Antivirus to protect your ...

Fake Windows Defender notifications are on the rise

It might have a legit looking phone number, but that Windows Defender alert might be fake. Here's what to look out for.