All modern Windows PCs come with Microsoft Defender built in. For the unaware, this tool is Windows’ native antivirus. Over time, it has matured into a reliable security tool capable of blocking a ...
In a proof-of-concept, a security researcher demonstrated how the Windows Security Center API can be used to block the scans by Microsoft’s built-in antivirus tool. Windows Defender can be tricked ...
Poll the target until it becomes suspended by the dump operation. Immediately open WerFaultSecure (PROCESS_SUSPEND_RESUME) and call NtSuspendProcess to freeze the dumper. The researcher also published ...
In this post, we will learn what Passive Mode is and how to enable Defender for Endpoint in Passive Mode (EDR in Block Mode) ...
Windows 11 is Microsoft's most secure OS, but it's also very noisy out of the box. Telemetry, background updates, and third-party apps frequently connect to the ...
Why it matters: "Bring Your Own Vulnerable Driver" attacks use legitimate drivers that allow hackers to easily disable security solutions on target systems and drop additional malware on them. This ...