Hiding In The Windows Event Log
Malware Analysis, News and Indicators - Latest topics malware.news
In May 2022, Kaspersky published a write-up on a newly-discovered campaign where malware authors wrote shellcode to the Windows Event Log. This was pretty interesting, and just about 4 months later, Tim Fowler published this blog post over at BlackHillsInfoSec, digging into this a bit deeper and offering several variations of the technique up to red teamers.
Now, I found this technique interesting, not because it's not really something I'd seen before, but because of how Windows Event Logs, …