Sysmon for Windows 10 gets malware process tampering detection

Found 7 days ago at The Windows Club

In version 13 of the tool, Microsoft has added the capacity to detect the process hollowing technique used by attackers. Process hollowing is used to execute unauthorized and malicious commands on an infected Windows system even though the actions are shown to be coming from a legitimate process of the OS. Besides, the latest version of Sysmon would also contain protection from process...

Read the article at The Windows Club

More Windows News