all InfoSec news
When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule
Malware Analysis, News and Indicators - Latest topics malware.news
In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as that has been previously covered in the X-Force blog post. This blog will focus on highlighting the opportunities for detection of the FudModule …
analysis attacks blog blog post capabilities defensive event february kernel lazarus lazarus group malware manipulation noise object operations signal tracing visibility windows x-force