[ Antonio 's4tan' Parata @s4tan ]
I wrote a new post: "Exploiting a vulnerable Minifilter Driver to create a process killer" source code: #malware #byovd
https://antonioparata.blogspot.com/2024/02/exploiting-vulnerable-minifilter-driver.html
https://github.com/enkomio/s4killer

[ Renzon @r3nzsec ]
I recently co-authored a @Unit42_Intel blog about a unique IR case in which a threat actor's custom EDR bypass (using #BYOVD) exposed their toolkit, methods, and even identity. Check out how we unmasked them through an opsec slip-up! #dfir
https://unit42.paloaltonetworks.com/edr-bypass-extortion-attempt-thwarted/