Security News > 2017 > March > DoubleAgent attack uses built-in Windows tool to hijack applications (Help Net Security)
2017-03-22 21:06
Security researchers from computer and network security outfit Cybellum have revealed a new zero-day code injection and persistence technique that can be used by attackers to take over applications and entire Windows machines. They demonstrated the attack on antivirus solutions, and ultimately dubbed it DoubleAgent, as it turns the antivirus security agent into a malicious agent. The DoubleAgent attack “DoubleAgent exploits a legitimate tool of Windows called ‘Microsoft Application Verifier’ which is a tool included … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/zUqIFK9Vqcc/
Related news
- AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- WinRAR flaw bypasses Windows Mark of the Web security alerts (source)
- New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Don't delete that mystery empty folder. Windows put it there as a security fix (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Linux 'io_uring' security blindspot allows stealthy rootkit attacks (source)
- Windows "inetpub" security fix can be abused to block future updates (source)