all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MS Defender False alert? - Office Serviceability Manager

Add to bookmarks
March 16, 2022, 2:24 p.m. | /u/vertisnow

cybersecurity www.reddit.com

Hi Guys. I got 2 alerts for "Ransomware behaviour detected in the file system" I have about 2,000 endpoints, but only got 2 alerts.

It appears to me to be a false positive, but wanted to see if anyone else here has received an alert like this today.

Behaviour:

schtasks.exe /Create /tn "Microsoft\\Office\\Office Serviceability Manager" /XML "C:\\Program Files\\Common Files\\Microsoft Shared\\ClickToRun\\OfficeSvcMgrSchedule\_90M.xml"

schtasks.exe /change /tn "Microsoft\\Office\\Office Serviceability Manager" /enable



**SrTasks.exe**

ExecuteScheduledSPPCreation

\--> **An attempt to delete volume shadow copies was made**

alert cybersecurity defender manager office

Visit resource

More from www.reddit.com / cybersecurity

MITRE says state hackers breached its network via Ivanti zero-days 2 hours ago | www.reddit.com
amp att cybersecurity mitre +2
Chinese Government Poses 'Broad and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says 2 hours ago | www.reddit.com
cybersecurity
All versions of Crush FTP are vulnerable 5 hours ago | www.reddit.com
action april crushftp cybersecurity +10
Cyber Awareness 6 hours ago | www.reddit.com
adjust asking can certificate +9
Security awareness VS human risk management - why the term you use matters 8 hours ago | www.reddit.com
awareness computers cybersecurity focus +14
USPS Scam SMS - Link Discussion 8 hours ago | www.reddit.com
cybersecurity domain domain name link +10
Top cybersecurity stories for the week of 04-15-24 to 04-19-24 9 hours ago | www.reddit.com
ciso cyber cyber security cybersecurity +8
UK cyber agency NCSC announces Richard Horne as its next chief executive 10 hours ago | www.reddit.com
agency chief cyber cybersecurity +3
Cyberattack Takes Frontier Communications Offline 13 hours ago | www.reddit.com
com communications cyberattack cybersecurity +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Solution Architect

@ Civica | London, England, United Kingdom
View on infosec-jobs.com

Information Security Officer (80-100%)

@ SIX Group | Zurich, CH
View on infosec-jobs.com

Cloud Information Systems Security Engineer

@ Analytic Solutions Group | Chantilly, Virginia, United States
View on infosec-jobs.com

SRE Engineer & Security Software Administrator

@ Talan | Mexico City, Spain
View on infosec-jobs.com
View more jobs