4 matches found
Microsoft Windows Kernel API elevation of privilege vulnerability (CNVD-2018-00526)
Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. The Kernel API is one of the kernel APIs. An elevation of privilege vulnerability exists in the Kernel API in Microsoft Windows. An attacker can exploit this vulnerability with a specially crafted...
Detecting stealthier cross-process injection techniques with Windows Defender ATP: Process hollowing and AtomBombing
This article is the Microsoft Malware Protection Center blog post “Detecting stealthier cross-process injection techniques with Windows Defender ATP: Process hollowing and atom bombing...
Detecting stealthier cross-process injection techniques with Windows Defender ATP: Process hollowing and atom bombing
Advanced cyberattacks emphasize stealth and persistence: the longer they stay under the radar, the more they can move laterally, exfiltrate data, and cause damage. To avoid detection, attackers are increasingly turning to cross-process injection. Cross-process injection gives attackers the abilit...
Uncovering cross-process injection with Windows Defender ATP
This article is the Microsoft Malware Protection Center blog post “Uncovering cross-process injection with Windows Defender ATP”, March 8, 2017, U.S. ...