legal contact rss

Nach Autor gefiltert: M. Paulli     Alle Artikel anzeigen

Remcos RAT

In an article about a RAT, DarkReading writes how a (quite) old method is used to bypass UAC. So called mock directories are used. A corresponding "basics article" is also linked. You should definitely read it to check the SIEM for such patterns of "shadow directories"