all InfoSec news
ALPChecker – Detecting Spoofing and Blinding Attacks by Anastasiia Kropova and Igor Korkin #HITB2023HKT #COMMSEC
Dec. 23, 2023, 8:55 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
In recent years, Windows OS has faced a surge in attacks exploiting kernel drivers, notably targeting AV and EDR systems. The vulnerable Asynchronous Local Procedure Call (ALPC) technology, vital for client-server interactions, lacks essential safeguards, as demonstrated in successful attacks at LABScon 2022 and Ekoparty 2022.
To address ALPC vulnerabilities, we propose ALPChecker, a proactive security tool detecting kernel mode attacks by checking client and server ALPC ports. It plays a critical role in preventing bypassing and disabling of Windows …
alpc asynchronous attacks call client drivers edr exploiting kernel kernel drivers labscon local procedure safeguards server spoofing systems targeting technology vulnerable windows windows os
More from malware.news / Malware Analysis, News and Indicators - Latest topics
What the Biggest-Ever Botnet Takedown Means
1 day, 6 hours ago |
malware.news
Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins
1 day, 9 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC