From 4a4ba1dfc3b3c1891d83e4d69038f534ec5ab542 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Fri, 12 May 2017 15:04:13 -0700 Subject: [PATCH] update malware categories and image --- ...indows-defender-advanced-threat-protection.md | 9 +++++---- .../images/atp-machines-active-threats-tile.png | Bin 0 -> 7621 bytes 2 files changed, 5 insertions(+), 4 deletions(-) create mode 100644 windows/threat-protection/windows-defender-atp/images/atp-machines-active-threats-tile.png diff --git a/windows/threat-protection/windows-defender-atp/dashboard-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/dashboard-windows-defender-advanced-threat-protection.md index fe17df31f7..d007635575 100644 --- a/windows/threat-protection/windows-defender-atp/dashboard-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/dashboard-windows-defender-advanced-threat-protection.md 
@@ -71,15 +71,16 @@ Active malware is defined as threats that were actively executing at the time of Hover over each bar to see the number of active malware detections (as **Malware detections**) and the number of endpoints with at least one active detection (as **Machines**) over the past 30 days. -![The Machines with active malware detections tile shows the number of threats and machines for each threat category](images/machines-active-threats-tile.png) +![The Machines with active malware detections tile shows the number of threats and machines for each threat category](images/atp-machines-active-threats-tile.png) The chart is sorted into five categories: -- **Password stealer** - threats that attempt to steal credentials. - **Ransomware** - threats that prevent user access to a machine or its files and demand payment to restore access. +- **Credential theft** - threats that attempt to steal credentials. - **Exploit** - threats that use software vulnerabilities to infect machines. -- **Threat** - all other threats that don't fit into the **Password stealer**, **Ransomware**, or **Exploit** categories. This includes trojans, worms, backdoors, and viruses. -- **Low severity** - threats with low severity, including adware and potentially unwanted software such as browser modifiers. +- **Backdoor** - threats that gives a malicious hacker access to and control of machines. +- **General** - threats that perform unwanted actions, including actions that can disrupt, cause direct damage, and facilitate intrusion and data theft. +- **PUA** - applications that install and perform undesirable activity without adequate user consent. Threats are considered "active" if there is a very high probability that the malware was executing on your network, as opposed to statically located on-disk. 
diff --git a/windows/threat-protection/windows-defender-atp/images/atp-machines-active-threats-tile.png b/windows/threat-protection/windows-defender-atp/images/atp-machines-active-threats-tile.png new file mode 100644 index 0000000000000000000000000000000000000000..fd0625088a6c5d7e89867265d0861e849765db82 GIT binary patch literal 7621
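Review bot: The unchanged context line "The chart is sorted into five categories:" in the dashboard .md hunk no longer matches the list, which after this change has six entries (Ransomware, Credential theft, Exploit, Backdoor, General, PUA); update the count to six or drop the number. In the added **Backdoor** line, "threats that gives a malicious hacker access" should read "threats that give". **PUA** is introduced without being spelled out, whereas the removed **Low severity** line wrote "potentially unwanted software" in full; consider expanding the acronym on first use, for example "**PUA** (potentially unwanted application)". The image reference now points to images/atp-machines-active-threats-tile.png, but the patch only creates the new file and does not delete images/machines-active-threats-tile.png; remove the old image if nothing else references it.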