Note: This is a summary from the RSS feed. For the complete article with full details, please visit the original post on the Elastic Blog.
← Back to Blog
What you need to know about Process Ghosting, a new executable image tampering attack
Executive Summary
Several common process tampering attacks exploit the gap between process creation and when security products are notified. Elastic Security detects a variety of such techniques, including Doppelgänging, Herpaderping, and a new technique: Ghosting
Full Article
Several common process tampering attacks exploit the gap between process creation and when security products are notified. Elastic Security detects a variety of such techniques, including Doppelgänging, Herpaderping, and a new technique: Ghosting
Need help implementing these features or optimizing your Elasticsearch cluster?
Schedule a Consultation