Cyber Security

Spoofing antivirus software to disable security scanning for Windows Defender

Photo of liralbes liralbes Send an email 46 minutes ago
0 0 Less than a minute
Spoofing antivirus software to disable security scanning for Windows Defender

This is not an easy task, as Windows has checks that make sure the antivirus is real, involving registry names and signature binary files. The researchers used tools such as DNSpy, Process Monitor, and manual checking to see how legitimate antivirus tools are performing when WSC registration is registered.

Es3N1N added: “Starting with my courtesy last year, I know that WSC has somehow verified the process called these APIs, and my guess is that they are verifying the signature, which is really a correct guess.”

After requesting under the DMCA of the software vendor, the early project No-defender of ES3N1N was removed from GitHub.

Photo of liralbes liralbes Send an email 46 minutes ago
0 0 Less than a minute
Photo of liralbes

liralbes

Related Articles

8 security risks of rushing to implement AI

8 security risks of rushing to implement AI

4 hours ago
PassWortfreie Authentifizierung: So Gelingt der Umstieg auf Pki

PassWortfreie Authentifizierung: So Gelingt der Umstieg auf Pki

8 hours ago
Disaster Prescription: Sensitive patient data leaked

Disaster Prescription: Sensitive patient data leaked

3 days ago
“Want to pay a bounty than a ransom”: Coinbase on million ransom attempt

“Want to pay a bounty than a ransom”: Coinbase on $20 million ransom attempt

3 days ago

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button