Dirty Vanity: A New Approach to Code Injection & EDR Bypass | allinfosecnews.com

March 31, 2023, 7:30 p.m. | Black Hat

Black Hat www.youtube.com

This talk showcases yet another new code injection technique (I know, bear with me), nicknamed Dirty Vanity. This technique challenges current injection detection and prevention means while opening a wider spectrum of attacks that challenges common concepts of EDR TTPs. This technique abuses the lesser-known forking mechanism which is built in Windows operating systems. In the talk, we will cover the forking mechanism's internals, and common means to activate it...

By: Eliran Nissan

Full Abstract and Presentation Materials: https://www.blackhat.com/eu-22/briefings/schedule/#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417

attacks bear bypass challenges code code injection concepts current detection edr injection nissan operating systems prevention spectrum systems ttps vanity windows

More from www.youtube.com / Black Hat

Locknote: Conclusions and Key Takeaways from Day 2 1 week, 6 days ago | www.youtube.com

black hat black hat europe board board members +15

Locknote: Conclusions and Key Takeaways from Day 1 1 week, 6 days ago | www.youtube.com

black hat black hat europe board board members +16

Keynote: My Lessons from the Uber Case 1 week, 6 days ago | www.youtube.com

addition best practices case convicted +16

Keynote: Industrialising Cyber Defence in an Asymmetric World 2 weeks ago | www.youtube.com

adversaries challenge cyber cyber defence +10

The Black Hat Europe Network Operations Center (NOC) Report 2 weeks ago | www.youtube.com

back black hat black hat europe center +14

My Invisible Adversary: Burnout 2 weeks, 4 days ago | www.youtube.com

adversary attackers attacks burnout +11

The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 2 weeks, 4 days ago | www.youtube.com

analysis ask bad codeql +10

A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 2 weeks, 5 days ago | www.youtube.com

attacks call cloudflare detection +10

Collide+Power: The Evolution of Software-based Power Side-Channels Attacks 2 weeks, 5 days ago | www.youtube.com

addition attacks build collide+power +14

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Cyber Threat Analyst

@ Peraton | Morrisville, NC, United States

View on infosec-jobs.com

Kyndryl Offensive Security Professional - Threat-Led Penetration Testing (TLPT) and Red Teaming

@ Kyndryl | Sao Paulo (KBR51645) WeWork Office

View on infosec-jobs.com

Consultant en Cyber Sécurité - Spécialiste PKI H/F

@ Devoteam | Levallois-Perret, France

View on infosec-jobs.com

Cloud Security Architect - Advisor (Remote)

@ Fannie Mae | Reston, VA, United States

View on infosec-jobs.com

OT Cybersecurity Engineer

@ SBM Offshore | Bengaluru, IN, 560071

View on infosec-jobs.com