DLL Hijacking – A New Spin on Proxying your Shellcode
Summary
This article announces a webcast from Black Hills Information Security that delves into the intricacies of DLL hijacking. It features new techniques for malicious code proxying, showcasing comprehensive methods in this area.
IFF Assessment
FOE
This article details a technique that can be used for malicious code execution, making it bad news for defenders.
Defender Context
DLL hijacking is a common attack technique where an executable is tricked into loading a malicious DLL instead of a legitimate one. Defenders should be aware of new proxying techniques that could be used to evade detection and monitor for unusual DLL loading patterns or suspicious file modifications in system directories.