MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos

'Doppelgänging' attack hides malware from security tools

Thursday December 7, 2017. 12:41 PM , from BetaNews
Endpoint protection company enSilo has used this week's Black Hat Europe conference in London to reveal how Microsoft Windows features can be used to slip malicious ransomware and other threats past most updated, market-leading AV products. enSilo researchers demonstrated how, by manipulating how Windows handles file transactions, they could pass off malicious actions as benign, legitimate processes, even if they use known malicious code. In addition to blinding Windows' embedded defense mechanisms and third-party AV and next generation AV security products to incoming threats, Process Doppelgänging gives attackers the further advantage of leaving no traceable evidence behind -- making this… [Continue Reading]
News copyright owned by their original publishers | Copyright © 2004 - 2018 Zicos / 440Network
Current Date
Nov, Tue 13 - 06:20 CET