all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

DFSP # 409 - Regsvcs and Regasm Abuse

Add to bookmarks
Dec. 19, 2023, 5:03 a.m. |

Digital Forensic Survival Podcast digitalforensicsurvivalpodcast.libsyn.com

This week I’m talking about Regsvcs /Regasm exploitation, which is a Windows tactic attackers use to evade defense mechanisms and execute code. Specifically, this technique can be used to bypass process whitelisting and digital certificate validation. I'll break down some interpretation methods that may be used to identify such exploitation....

abuse attackers bypass certificate code defense digital digital certificate down evade exploitation identify may process tactic talking validation week whitelisting windows

Visit resource

More from digitalforensicsurvivalpodcast.libsyn.com / Digital Forensic Survival Podcast

DFSP # 428 - It’s all about that XML 3 days, 15 hours ago | digitalforensicsurvivalpodcast.libsyn.com
artifacts compromise events evidence +9
DFSP # 427 - MOF Balls 1 week, 3 days ago | digitalforensicsurvivalpodcast.libsyn.com
app artifact attackers dfir +11
DFSP # 426 - SSH Forensics: Log Analysis 2 weeks, 3 days ago | digitalforensicsurvivalpodcast.libsyn.com
analysis analyst forensics important +9
DFSP # 425 - SSH Forensics: Host-Based Artifacts 3 weeks, 3 days ago | digitalforensicsurvivalpodcast.libsyn.com
artifacts explained fast forensics +7
DFSP # 424 - SSH Forensics: Understanding Secure Shell 1 month ago | digitalforensicsurvivalpodcast.libsyn.com
access basics communications concepts +18
DFSP # 423 - Guiding Lights: Cyber Investigations Investigation Lifecycle 1 month, 1 week ago | digitalforensicsurvivalpodcast.libsyn.com
aspect clear cyber cyber investigations +18
DFSP # 422 - EVTX Express: Cracking into Windows Logs Like a Pro 1 month, 2 weeks ago | digitalforensicsurvivalpodcast.libsyn.com
access cracking event event logs +17
DFSP # 421 - Memory Lane: Fileless Linux Attacks Unraveled 1 month, 3 weeks ago | digitalforensicsurvivalpodcast.libsyn.com
anonymous attacks data data storage +19
DFSP # 420 - Failing, Stopping and Crashing 1 month, 4 weeks ago | digitalforensicsurvivalpodcast.libsyn.com
event exploitation forensic investigations +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Engineer - Detection and Response

@ Fastly, Inc. | US (Remote)
View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico
View on infosec-jobs.com

Defensive Cyber Operations Engineer-Mid

@ ISYS Technologies | Aurora, CO, United States
View on infosec-jobs.com

Manager, Information Security GRC

@ OneTrust | Atlanta, Georgia
View on infosec-jobs.com

Senior Information Security Analyst | IAM

@ EBANX | Curitiba or São Paulo
View on infosec-jobs.com

Senior Information Security Engineer, Cloud Vulnerability Research

@ Google | New York City, USA; New York, USA
View on infosec-jobs.com
View more jobs