Malware developers are always looking for new technics to bypass security systems. In this article we will see how Windows Installer can be abused to deliver malicious code, and how the famous ransomware Maze uses this type of technic. Create malicious MSI files An MSI file is a compressed database [...]
Malware developers are always looking for new technics to bypass security systems. In this article we will see how Windows Installer can be abused to deliver malicious code, and how the famous ransomware Maze uses this type of technic. Create malicious MSI files An MSI file is a compressed database ...
What is threat hunting and why we need it now ? Threat hunting designates all the activities conducted by a threat hunter or a cyberthreat analyst in order to find hidden persistent threats inside an organization’s infrastructure. Abnormal events such as a connection to an unknown server, access to a sensitive process memory or a DLL injection are some examples of what a ...
