Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers

Overview

In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers are using this technique to achieve their objectives. It is therefore important that we put […]

The post Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers appeared first on Security Intelligence.
