itman 1,743 Posted June 20, 2021 Share Posted June 20, 2021 Quote Cybersecurity researchers have disclosed a new executable image tampering attack dubbed "Process Ghosting" that could be potentially abused by an attacker to circumvent protections and stealthily run malicious code on a Windows system. https://thehackernews.com/2021/06/researchers-uncover-process-ghosting.html As I see it, memory scanning should detect any malicious code but only if Eset had a signature for it. Link to comment Share on other sites More sharing options...
Recommended Posts