Wednesday, October 27, 2021

New evasion technique in CLR and how to detect it

In terms of costs, the age-old battle that pits attacker versus defender has become very one sided in recent years. Almost all modern attacks (and ethical offensive exercises) use Mimikatz, SharpHound, SeatBelt, Rubeus, GhostPack and other toolsets available to the community. This so-called githubification is driving attackers’ costs down and reshaping the focus from malware development to the evasion of security mechanisms. What’s the point of creating a tool that can be detected by EPP solutio…

Read More

Latest news
Related news