Skip to content
Summary - Microsoft Defender disrupted a human operated ransomware incident targeting a large educational institution with more than a couple of thousand devices. - The attacker attempted to weaponize Group Policy Objects (GPOs) to tamper with security controls and distribute ransomware via scheduled tasks. - Defender’s predictive shielding detected the attack before ransomware was deployed and pr...