Windows Defender detects shellcode in Registry hive
April 5, 2022, 1:33 p.m. | /u/visitedspace
cybersecurity www.reddit.com
According to Defender, it found shellcode inside the Windows registry hive at C:\Windows\System32\config\SOFTWARE.
Malware Name: Exploit:Win32/ShellCode.gen!J
Defender classifies this as "Severe".
I'm not a shellcode or RE expert, but what would be the use of a bad actor "hiding" shellcode in this registry file? My limited understanding of how shellcode works is it requires an execution environment. Shellcode …