Release the Kraken: Fileless injection into Windows Error Reporting service
This blog post was authored by Hossein Jazi and Jérôme Segura. On September 17th, we discovered a new attack called Kraken that injected its payload into the Windows Error Reporting WER service as a defense evasion mechanism. That reporting service, WerFault.exe, is usually invoked when an error...