all InfoSec news
DFSP # 409 - Regsvcs and Regasm Abuse
Digital Forensic Survival Podcast digitalforensicsurvivalpodcast.libsyn.com
This week I’m talking about Regsvcs /Regasm exploitation, which is a Windows tactic attackers use to evade defense mechanisms and execute code. Specifically, this technique can be used to bypass process whitelisting and digital certificate validation. I'll break down some interpretation methods that may be used to identify such exploitation....
abuse attackers bypass certificate code defense digital digital certificate down evade exploitation identify may process tactic talking validation week whitelisting windows