Microsoft Defender gets better at preventing Windows passwords from being stolen

Microsoft is strengthening Windows security by adding an important rule to its antivirus: a new Attack Surface Reduction (ASR) rule is being introduced to Microsoft Defender.

When threat actors compromise a network, they attempt to spread laterally to other devices by stealing credentials or using exploits.

One of the most common methods of stealing Windows credentials is to gain admin privileges on a compromised device and then dump the memory of the Local Security Authority Server Service (LSASS) process running in Windows.

