Monday, May 7, 2018
First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade Detection
Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and works on all modern versions of Microsoft Windows OS,
Subscribe to:
Post Comments (Atom)
Popular Posts
-
Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign
-
Venezuela used to be the richest country in Latin America, sitting on the world’s largest oil reserves. Yet Venezuelans are scrambling for m...
-
Following today’s news that Samsung and Apple have worked together to bring an iTunes Movies & TV app and AirPlay 2 support to 2018 and ...
No comments:
Post a Comment