Here’s a little trick we’d like to share in the end-of-year rush. DDE is the new black: malware authors quickly adopted the technique, and so did pentesters and red teams in order to simulate the latest attacks. In our experience, trivial DDE payloads (like fully readable PowerShell scripts) slip through conventional detections, but process monitoring …