Memory scanning leaves attackers nowhere to hide
Credit to Author: Matt Wixey | Date: Thu, 09 Nov 2023 13:46:19 +0000
Sophos X-Ops takes an in-depth look at memory scanning and why it matters
Credit to Author: Microsoft 365 Defender Threat Intelligence Team | Date: Thu, 30 Jun 2022 13:30:00 +0000
We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection. This class of stealthy execution techniques includes process doppelganging, process herpaderping, and process ghosting.
The post Using process creation properties to catch evasion techniques appeared first on Microsoft Security Blog.