Fileless UAC Bypass Uses Windows Backup and Restore Utility

Researcher Matt Nelson disclosed another Windows UAC bypass, this one abusing the sdclt.exe backup and restore utility to execute a payload without triggering an alert. Continue reading Fileless UAC Bypass Uses Windows Backup and Restore Utility