Abstract

Malware development has evolved to leverage legitimate tools like Microsoft Build (MSBuild), a framework traditionally used for automating application builds, to execute malicious payloads without detection. This technique enables attackers to embed harmful scripts into XML project files, bypassing traditional security mechanisms by abusing trusted system processes. The talk will delve into how such methodologies are employed to evade endpoint defenses, focusing on advanced tactics like reflective DLL injection, process hollowing, and fileless execution. Understanding these approaches equips security professionals with the knowledge to detect and mitigate threats by identifying unusual system behavior, implementing strict code execution policies, and leveraging advanced endpoint protection tools.

Speaker

Suraj Khetani

Timing

Starts on Saturday, January 11, 2025, at 05:05 PM. The session runs for 40 minutes.

Resources