Microsoft Windows - Security Intelligence

Advanced Threats August 18, 2021

Hunting for Evidence of DLL Side-Loading With PowerShell and Sysmon

6 min read - Recently, X-Force Red released a tool called Windows Feature Hunter, which identifies targets for dynamic link library (DLL) side-loading on a Windows system using Frida. To provide a defensive counter-measure perspective for DLL side-loading, X-Force Incident Response has released SideLoaderHunter,…

Endpoint July 1, 2021

Hunting for Windows “Features” with Frida: DLL Sideloading

8 min read - Offensive security professionals have been using Frida for analyzing iOS and Android mobile applications. However, there has been minimal usage of Frida for desktop operating systems such as Windows. Frida is described by the author as a “Dynamic instrumentation toolkit…

January 21, 2020

TrickBot Uses UAC Bypass to Quietly Infect Windows 10 Machines

2 min read - Security researchers observed that TrickBot has begun using a User Account Control (UAC) bypass to quietly infect machines running Windows 10 without displaying any prompts.

Malware August 8, 2019

The Curious Case of a Fileless TrickBot Infection

7 min read - IBM X-Force noted changes in the deployment of the TrickBot Trojan and discovered that the most recent version of the malware is fileless.

July 15, 2019

Weekly Security News Roundup: Zero-Day Vulnerability Exploited in Buhtrap Attack Campaign

3 min read - Last week, security researchers identified a zero-day vulnerability that was instrumental in a targeted attack against companies in Eastern Europe.

July 10, 2019

Astaroth Attack Infects Windows Machines Via Living-Off-the-Land Techniques

2 min read - An Astaroth attack leveraged only living-off-the-land techniques to run the backdoor directly in memory on Windows machines.

Endpoint July 9, 2019

Mobile Device Management Evolves to Support New Device Use Cases

4 min read - As new deployments of screens, IoT devices and other connected endpoints proliferate, mobile device management is key to helping businesses secure, manage and control new mobile-oriented use cases.

June 18, 2019

InterPlanetary Storm Malware Using IPFS P2P Network to Hide Its Activities

2 min read - A malware campaign dubbed InterPlanetary Storm is hiding its network activity among legitimate traffic by using a P2P network for its command-and-control communications.

June 17, 2019

Threat Actors Use Targeted Attack Tools to Distribute Cryptocurrency Miners, Ransomware

2 min read - Threat actors are using targeted attack tools to distribute typical malware, such as cryptocurrency miners and ransomware.

Application Security May 30, 2019

When AV Software Is at War With Your OS: A Case of IT Complexity

3 min read - When AV software programs are designed independently, it is only natural that there is competition for resources in the zero-sum field in which they are playing.

Popular tags

| | | | | | | | | | |

Failed to load data

Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

Cybersecurity News By Topic By Industry Exclusive Series Threat Research Podcast Events Contact About Us Become a Contributor

Follow us on social

© 2022 IBM Contact Privacy Terms of use Accessibility Cookie Preferences