{"id":2350,"date":"2022-05-09T14:38:19","date_gmt":"2022-05-09T12:38:19","guid":{"rendered":"https:\/\/www.apvnorge.no\/?p=2350"},"modified":"2022-05-09T14:38:22","modified_gmt":"2022-05-09T12:38:22","slug":"hackers-are-now-hiding-malware-in-windows-event-logs","status":"publish","type":"post","link":"https:\/\/www.apvnorge.no\/cz\/hackers-are-now-hiding-malware-in-windows-event-logs\/","title":{"rendered":"Hackers are now hiding malware in Windows Event Logs"},"content":{"rendered":"<p class=\"has-cyan-bluish-gray-background-color has-background wp-block-paragraph\">Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. 
The method enabled the threat actor behind the attack to plant fileless malware in the file system in an attack filled with techniques and modules designed to keep the activity as stealthy as possible.<br>Researchers at Kaspersky collected a sample of the malware after a company product equipped with technology for behavior-based detection and anomaly control identified it as a threat on a customer&#8217;s computer\u2026<\/p>\n\n\n\n<p class=\"has-pale-cyan-blue-background-color has-background wp-block-paragraph\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-are-now-hiding-malware-in-windows-event-logs\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-are-now-hiding-malware-in-windows-event-logs<\/a><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-are-now-hiding-malware-in-windows-event-logs\/\" target=\"_blank\" rel=\"noreferrer noopener\">\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researchers have 
noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. The method enabled the threat actor behind the attack to plant fileless malware in the file system in an attack filled with techniques and modules designed [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2124,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[44,7],"tags":[],"class_list":["post-2350","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hackers","category-ms-windows"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"cz","enabled_languages":["en","no","cz"],"languages":{"en":{"title":true,"content":true,"excerpt":false},"no":{"title":false,"content":false,"excerpt":false},"cz":{"title":false,"content":false,"excerpt":false}}},"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/upload
s\/2021\/02\/images.jpg?fit=275%2C183&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9T0bk-BU","jetpack-related-posts":[],"jetpack_likes_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts\/2350","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/comments?post=2350"}],"version-history":[{"count":1,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts\/2350\/revisions"}],"predecessor-version":[{"id":2351,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts\/2350\/revisions\/2351"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/media\/2124"}],"wp:attachment":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/media?parent=2350"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/categories?post=2350"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/tags?post=2350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}