https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-can-now-automatically-isolate-hacked-endpoints/

viss@mastodon.social

Microsoft Defender can now automatically isolate hacked endpoints

Microsoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart attackers' attempts to move laterally across the network.

BleepingComputer (www.bleepingcomputer.com)

defender has discovered endpoint isolation

jkdelauney@tech.lgbt

@Viss but it’s Microsoft of now, so I’m expecting at any moment for news reports of companies being brought down as Defender identifies every device as a compromised endpoint and enacts isolation of whole networks on a per device basis.

viss@mastodon.social

@jkdelauney countdown to contained endpoints because of the dastardly and nefarious lsass.exe!

jkdelauney@tech.lgbt

@Viss a program with that amount of system access must be hostile, right?

viss@mastodon.social

@jkdelauney the malware is calling from inside the house!

agathos@mastodon.babb.no

@Viss @jkdelauney also shout out to the suspicious IPs owned by Microsoft. Data exfil via one drive to a Microsoft data center, lets just nuke everything. Shut it down!

sharkfie@infosec.exchange

@Viss I was wondering if it was other additional feature but nope, they really didn't have endpoint isolation in 2026