“Pool Party” process injection techniques evade EDRs | allinfosecnews.com

Dec. 12, 2023, 10:56 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool Party” because they (ab)use Windows thread pools, these process injection techniques work across all processes and, according to the researchers, they went undetected when tested against five leading EDR/XDR solutions, namely: Palo Alto Cortex, SentinelOne EDR, CrowdStrike Falcon, Microsoft Defender For Endpoint, and Cybereason EDR. “Pool Party” process injection techniques “Process injection … More →

The post …

code crowdstrike cybereason don't miss edr edrs endpoint security evade hot stuff injection malicious microsoft palo alto networks party poc pool party process processes process injection research researchers safebreach sentinelone solutions systems techniques threat detection undetected windows work xdr

More from www.helpnetsecurity.com / Help Net Security

A closer look at Apiiro’s SHINE partner program 9 hours ago | www.helpnetsecurity.com

adam apiiro api security application security +24

Why cloud vulnerabilities need CVEs 17 hours ago | www.helpnetsecurity.com

cloud cloud environments cloud vulnerabilities common vulnerabilities and exposures +26

Making cybersecurity more appealing to women, closing the skills gap 18 hours ago | www.helpnetsecurity.com

cco challenges current cybersecurity +26

Cybersecurity jobs available right now: May 1, 2024 18 hours ago | www.helpnetsecurity.com

adversary adversary simulation application applications +23

Building a strong cloud security posture 19 hours ago | www.helpnetsecurity.com

building cloud cloud security cloud security posture +20

Essential steps for zero-trust strategy implementation 19 hours ago | www.helpnetsecurity.com

budget cybersecurity cybersecurity budget fourth quarter +12

Infosec products of the month: April 2024 20 hours ago | www.helpnetsecurity.com

akamai april bitdefender cyber +37

Adaptive Shield unveils SaaS security for AI 1 day, 8 hours ago | www.helpnetsecurity.com

adaptive shield and response applications apps +28

Onyxia launches AI-powered predictive insights to optimize security management 1 day, 9 hours ago | www.helpnetsecurity.com

address ai-powered can challenges +24

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA

View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India

View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore

View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia

View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom

View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote

View on infosec-jobs.com