all InfoSec news
FortiEDR coverage: PoolParty Code Injection Technique
Jan. 4, 2024, 8:18 a.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
On December 6, researchers from SafeBreach published a new code injection technique for Windows OS called "Pool Party" in the Blackhat EU briefing.
The "Pool Party" technique allows injecting processes using the WINAPI thread pool and relies on the fact that every process has an automatically enabled thread pool. It then uses the API on the target process to add new routines to the existing thread pool.
Why is this Significant?
The new injection technique implements …
attack blackhat briefing called code code injection december fact fortiedr injection injection technique party pool party process processes researchers safebreach what is winapi windows windows os
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
1 week, 2 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Security Operations Manager-West Coast
@ The Walt Disney Company | USA - CA - 2500 Broadway Street
Vulnerability Analyst - Remote (WFH)
@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
Senior Mainframe Security Administrator
@ Danske Bank | Copenhagen V, Denmark