Source |
Security Affairs |
Identifiant |
1073299 |
Date de publication |
2019-03-20 07:50:02 (vue: 2019-03-20 21:01:15) |
Titre |
The Document that Microsoft Eluded AppLocker and AMSI |
Texte |
Experts analyzed an Office document containing a payload that is able to bypass Microsoft AppLocker and Anti-Malware Scan Interface (AMSI), Introduction Few days ago, during intel sources monitoring operation, the Cybaze-Yoroi ZLAB team encountered an interesting Office document containing some peculiarities required a deeper analysis: its payload includes techniques suitable to bypass modern Microsoft security mechanisms […]
|
Envoyé |
Oui |
Condensat |
able affairs ago amsi analysis: analyzed anti appeared applocker bypass containing cybaze days deeper document during eluded encountered experts first includes intel interesting interface introduction its malware mechanisms microsoft modern monitoring office operation payload peculiarities post required scan security some sources suitable team techniques yoroi zlab |
Tags |
|
Stories |
|
Notes |
|
Move |
|