Avi Lamay, Author at Deceptive Bytes - Active Endpoint Cyber Defense

Deceptive Bytes discovers DLL hijacking vulnerabilities in Microsoft’s SysInternals tools

Avi Lamay 2022-02-21

Background We previously covered DLL Hijacking when we discovered extensive vulnerabilities in .NET, which potentially open any .NET application to such attacks. Additionally, this is not the first time that

Recent attacks on European organizations

Avi Lamay 2021-11-24

Deceptive Bytes’ research team detected in recent days a wave of attacks on European organizations, while the attacks are not that sophisticated, they employ social engineering to make users run

Deceptive Bytes discovers additional .NET DLL hijacking vulnerability

Avi Lamay 2020-11-23

Background DLL hijacking (aka spoofing) is an attack on an application where the attacker uses a DLL the application tries to load that is missing or from an unexpected location

The “Early Bird Special” – a new twist on the “Early Bird” injection technique

Avi Lamay 2019-10-10

There are many injection techniques used by malware authors, from simply calling CreateRemoteThread to advance ones like AtomBombing, PROPagate & others. How basic DLL injections work? Usually when a malware

Deception in real-world situations

Avi Lamay 2019-09-04

A few days ago it was reported that Israel’s Defense Forces has used deception against Hezbollah, making the latter believe its strike against the IDF was successful and caused several

Endpoint protection & misconceptions

Avi Lamay 2019-07-09

#1 – Agentless is not really agentless While it’s true that with agentless products you don’t install the vendor’s components on the endpoint itself, the vendor’s server still utilizes existing

Tricks used by malware authors to protect their malicious code from detection

Avi Lamay 2018-07-09

In our last two posts we’ve shown how vendors like Symantec and Microsoft (among others) miss detecting threats due to the nature of how their engines operate. So how do

Deceptive Bytes found detection issues in Microsoft’s Windows Defender

Avi Lamay 2018-06-14

Symantec’s Endpoint Protection is not the only Anti-malware engine that has issues related to detection, as we stated before. We have found issues with Microsoft’s Windows Defender engine, which is

Deceptive Bytes found detection issues in Symantec Endpoint Protection

Avi Lamay 2018-05-17

In previous posts we explained that traditional Anti-malware software is not working anymore and we gave tips on how to improve your security with non-security tools. But why is your

Smartrev’s Israeli cyber startup observatory (Jan-2018)

Avi Lamay 2018-02-11

We were recently listed in Smartrev Cybersec‘s first Israeli cyber startup observatory (Jan-2018 edition) Go to CyberStartupObservatory.com to learn more about Israel’s cyber startup landscape.

BLOG

Learn What's New With Us And In Cyber Security

Deceptive Bytes discovers DLL hijacking vulnerabilities in Microsoft’s SysInternals tools

Recent attacks on European organizations

Deceptive Bytes discovers additional .NET DLL hijacking vulnerability

The “Early Bird Special” – a new twist on the “Early Bird” injection technique

Deception in real-world situations

Endpoint protection & misconceptions

Tricks used by malware authors to protect their malicious code from detection

Deceptive Bytes found detection issues in Microsoft’s Windows Defender

Deceptive Bytes found detection issues in Symantec Endpoint Protection

Smartrev’s Israeli cyber startup observatory (Jan-2018)

CONTACT US

Request a free trial or send us a message

Threats

Use-cases

Solution

Resources

Contact us

2022 Deceptive Bytes © All rights reserved