Reportar una Violación
Customer Portal
When Forensics Becomes Offensive: Abuse of FTK Imager in the STAC3725 Tradecraft
← Volver a Laboratorios
Medium
Bypass, Campaign
Defense Evasion
Windows, Sysmon, EDR

When Forensics Becomes Offensive: Abuse of FTK Imager in the STAC3725 Tradecraft

La campaña STAC3725 utiliza indebidamente FTK Imager para eludir los sistemas de defensa, poniendo de manifiesto una técnica sigilosa que adapta las herramientas forenses para garantizar una persistencia discreta en las operaciones previas al ransomware, convirtiendo una vez más en un arma un software de investigación legítimo.

Download PDF

labs correlati

RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation
Medium
Bypass
Privilege Escalation
Windows, Sysmon, EDR

RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation

Scopri di più
Learn more
BlueHammer windows Zero-Day
Medium
Bypass
Privilege Escalation
Windows, Sysmon, EDR

BlueHammer windows Zero-Day

Scopri di più
Learn more
Weaponizing Windows Toast Notifications Abuse of ToastNotify.exe for Phishing and Credential Coercion
Medium
Bypass
Defense Evasion
Windows, Sysmon, EDR

Weaponizing Windows Toast Notifications: Abuse of ToastNotify.exe for Phishing and Credential Coercion

Scopri di più
Learn more
1 2 3 5

Contacto

Proteja su negocio

Conózcanos
Sorint.Sec España
A/c Norrsken House Barcelona
Passeig del Mare Nostrum, 15
Ciutat Vella, 08039
Barcelona


+34 691 748976
info@sorintsec.es
Pages
Certificaciones
chevron-right