Living off the land by turning admin’s tools against them
HOW MALWARE IS LIVING OFF THE LAND WITH CERTUTIL
By Matan Meir - June 20, 2019

Despite the variety and creativity of threat actors, we know that they are restricted by their goals. These include things like persistence, exfiltration, and perhaps most importantly, stealth. Even ransomware, which by definition needs to announce itself in order to succeed, must initially evade detection by security tools and vigilant SOC teams. One tactic that has become increasingly popular to achieve stealth is ‘living off the land’. This involves using tools natively found on the victim’s device to achieve some or all of the attacker’s purposes while at the same time reducing the attacker’s exposure and risk of detection.

https://www.sentinelone.com/blog/mal...with-certutil/

--
David B.
Devon, UK