Process Hollowing is a technique first introduced years ago by attackers to thwart the mitigation capabilities of security products. However, most of today's solutions are able to detect and prevent such notorious attacks. In this talk, we will present a new technique, dubbed Process Doppelgänging, which has similar advantages but is much harder to detect - let alone prevent.
By Tal Liberman & Eugene Kogan
Full Abstract & Presentation Materials: www.blackhat.c...
Негізгі бет Lost in Transaction: Process Doppelgänging
Пікірлер: 3