POST
@post99.bsky.social
Aspiring Threat Researcher. Dabbling in all kinds of computer things.
The Australian Cyber Security Centre recently published an advisory for Palo Alto concerning the GlobalProtect feature of Palo Alto Networks PAN-OS software, for specific PAN-OS versions and distinct feature configurations - www.cyber.gov.au/about-us/vie...
April 12, 2024 at 9:45 AM
Reposted by POST
Came up with a new EDR bypass technique that makes it possible to block the EDR from loading its DLL into our process, preventing any user mode hooks from being deployed.

Tested with a few major EDRs, but should theoretically work against most with some tweaks.
malwaretech.com/2024/02/bypa...
Bypassing EDRs With EDR-Preloading – MalwareTech
Evading user mode EDR hooks by hijacking the AppVerifier layer
malwaretech.com
February 13, 2024 at 6:13 PM