LOLBINed — Abusing Sysinternals BgInfo
Aug. 16, 2023, 10:30 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
In 2017 Oddvar Moe published a blog post on how he was able to use BgInfo to bypass application whitelisting. This finding is documented on LOLBAS and it still works today.
https://lolbas-project.github.io/lolbas/OtherMSBinaries/Bginfo/
While looking at this Lolbin this past week, I found that you can achieve the same effect by using the registry instead of a “.bgi” file.
Note: for a better reading experience it's best to give Oddvar’s blog a read and then …