Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation

Authors: Boudewijn Meijer && Rick Veldhoven Introduction As defensive security products improve, attackers must refine their craft. Gone are the days of executing malicious binaries from disk, especially ones well known to antivirus and Endpoint Detection and Reponse (EDR) vendors. Now, attackers focus on in-memory payload execution for both native and managed applications to evade … Continue reading Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation →