User avatar

MS collect suspicious binaries from machines running Windows and then run them inside MS to analyze their behavior. «It is quite common that even in isolated environments, many of the Microsoft IP address ranges are whitelisted to make sure systems will stay up to date» + «Make your spyware collect & encrypt data into a (new and unknown) binary and execute it, relying on the fact that Microsoft will exfiltrate it for you. When that binary itself is run (within MS' premises) it will then reach out to you with its embedded data.» #security #link

1 2 3 4 5 6 7 8 9 10