Call stack spoofing explained using APT41 malware

Summary: Call stack spoofing isn’t a new technique, but it has become more popular in the last few years. Call stacks are a telemetry source that EDR software can use to determine whether a process performed suspicious actions (requesting a handle to the lsass process, writing suspicious code to a newly allocated area, […]
