itman 1,924 Posted June 20, 2021 Posted June 20, 2021 Quote Cybersecurity researchers have disclosed a new executable image tampering attack dubbed "Process Ghosting" that could be potentially abused by an attacker to circumvent protections and stealthily run malicious code on a Windows system. https://thehackernews.com/2021/06/researchers-uncover-process-ghosting.html As I see it, memory scanning should detect any malicious code but only if Eset had a signature for it.
Recommended Posts