THREAT ANALYSIS REPORT: Abusing Notepad++ Plugins for Evasion and Persistence


Cybereason GSOC team analysts have analyzed a specific technique that leverages Notepad++ plugins to persist and evade security mechanisms on a machine. Following this introduction, we describe in detail how to reproduce this attack and implement detection and prevention mechanisms.

This particular Threat Analysis report is part of a series named “Purple Team Series” covering widely used attack techniques, how threat actors are leveraging them and how to detect their use.

The Cybereason Global…
