all InfoSec news
MS Defender False alert? - Office Serviceability Manager
March 16, 2022, 2:24 p.m. | /u/vertisnow
cybersecurity www.reddit.com
It appears to me to be a false positive, but wanted to see if anyone else here has received an alert like this today.
Behaviour:
schtasks.exe /Create /tn "Microsoft\\Office\\Office Serviceability Manager" /XML "C:\\Program Files\\Common Files\\Microsoft Shared\\ClickToRun\\OfficeSvcMgrSchedule\_90M.xml"
schtasks.exe /change /tn "Microsoft\\Office\\Office Serviceability Manager" /enable
**SrTasks.exe**
ExecuteScheduledSPPCreation
\--> **An attempt to delete volume shadow copies was made**
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Security Solution Architect
@ Civica | London, England, United Kingdom
Information Security Officer (80-100%)
@ SIX Group | Zurich, CH
Cloud Information Systems Security Engineer
@ Analytic Solutions Group | Chantilly, Virginia, United States
SRE Engineer & Security Software Administrator
@ Talan | Mexico City, Spain