Protected Processes Part 3: Windows PKI Internals (Signing Levels, Scenarios, Signers, Root Keys, EKUs & Runtime Signers)
In this last part of our series on protected processes in Windows 8.1, we’re going to be taking a look at the…
In this continuing series on the improvements of the protected process mechanism in Windows, we’ll move on past the single use case…
Many of CrowdStrike’s customers are often targeted by email phishing campaigns and strategic web compromises (also known as watering-hole attacks). These attacks…
It was more than six years ago that I first posted on the concept of protected processes, making my opinion of this poorly thought-out DRM…
As some of you may know, back in June of 2013, I gave a talk at Recon, a security conference in Montreal, about KASLR Information…
In November, 2013, the popular and widely used Java RAT named Adwind began being sold under the new name UNRECOM (UNiversal REmote…
On November 5, 2013, Microsoft announced that a vulnerability in the Microsoft Graphics Component could allow Remote Code Execution (RCE). This announcement attracted immediate…
To look back one year in the life of technology is a long time, so 16 years could be considered almost an…
As the situation on the ground in Syria continues to deteriorate, the Syrian Electronic Army (SEA) has made quite a few waves…
Recently, CrowdStrike has been tracking the activities of an adversary we’ve named Viceroy Tiger. During our research, we happened upon an interesting…