The DefendOps DiariesSep 22

Attackers are now exploiting a trusted Windows process to put security software on pause. Imagine your defenses suddenly going offline mid-attack—what's next in the cyber arms race?

https://thedefendopsdiaries.com/edr-freeze-tool-how-attackers-exploit-windows-error-reporting-to-suspend-security-software/

#edrfreeze
#windowserrorreporting
#endpointsecurity
#cyberattack
#securityevasion

EDR-Freeze Tool: How Attackers Exploit Windows Error Reporting to Suspend Security Software

Discover how attackers use the EDR-Freeze tool to exploit Windows Error Reporting, suspend security software, and evade detection in 2024.

The DefendOps Diaries
Tarnkappe.infoOct 7, 2020
📬Windows Error Reporting: Hacker missbrauchen Dienst für Malware-Angriff📬 https://tarnkappe.info/windows-error-reporting-hacker-missbrauchen-dienst-fuer-malware-angriff/ #WindowsErrorReporting #APT32-Gruppe #JérômeSegura #Malwarebytes #HosseinJazi #Hacking #Kraken
Windows Error Reporting: Hacker missbrauchen Dienst für Malware-Angriff

Die Sicherheitsforscher von Malwarebytes berichten von einer Angriffsmethode, die den Windows Error Reporting-Dienst missbraucht.

Tarnkappe
ITSEC NewsOct 6, 2020
APT Attack Injects Malware into Windows Error Reporting - The fileless attack uses a phishing campaign that lures victims with information about a worker’s ... https://threatpost.com/apt-attack-malware-windows-error-reporting/159861/ #windowserrorreporting #workersscompensation #detectionevasion #filelessmalware #malwarebytes #websecurity #cyberattack #nationstate #oceanlotus #vietnamese #injection #campaign #malware #vietnam #kraken #apt32 #apt
APT Attack Injects Malware into Windows Error Reporting

The fileless attack uses a phishing campaign that lures victims with information about a worker’s compensation claim.

Threatpost - English - Global - threatpost.com