all InfoSec news
ALPChecker – Detecting Spoofing and Blinding Attacks by Anastasiia Kropova and Igor Korkin #HITB2023HKT #COMMSEC
Dec. 23, 2023, 8:55 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
In recent years, Windows OS has faced a surge in attacks exploiting kernel drivers, notably targeting AV and EDR systems. The vulnerable Asynchronous Local Procedure Call (ALPC) technology, vital for client-server interactions, lacks essential safeguards, as demonstrated in successful attacks at LABScon 2022 and Ekoparty 2022.
To address ALPC vulnerabilities, we propose ALPChecker, a proactive security tool detecting kernel mode attacks by checking client and server ALPC ports. It plays a critical role in preventing bypassing and disabling of Windows …
alpc asynchronous attacks call client drivers edr exploiting kernel kernel drivers labscon local procedure safeguards server spoofing systems targeting technology vulnerable windows windows os
More from malware.news / Malware Analysis, News and Indicators - Latest topics
New Redline Version: Uses Lua Bytecode, Propagates Through GitHub
1 day, 4 hours ago |
malware.news
Showcasing Artwork by Max for Autism Awareness Month
1 day, 18 hours ago |
malware.news
Kaiser Permanente notifies 13.4M patients of potential data exposure
1 day, 19 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Network Security Engineer
@ Meta | Menlo Park, CA | Remote, US
Security Engineer, Investigations - i3
@ Meta | Washington, DC
Threat Investigator- Security Analyst
@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
Security Operations Engineer II
@ Microsoft | Redmond, Washington, United States
Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas
@ Goldman Sachs | Dallas, Texas, United States