The Latest in IT Security

PoC Malware Exploits Cloud Anti-Virus for Data Exfiltration

01
Aug
2017
PoC Malware Exploits Cloud Anti-Virus for Data Exfiltration

poc-malware-exploits-cloud-anti-virus-for-data-exfiltration

Security researchers at SafeBreach have created proof-of-concept (PoC) malware that can exfiltrate data from endpoints that don’t have a direct Internet connection by exploiting cloud-enhanced anti-virus (AV) agents.

Although highly secure enterprises might employ strict egress filtering, meaning that endpoints either have no direct Internet connection or have a connection restricted to hosts required by their legitimately installed software, data can be exfiltrated if cloud AV products are in use, the security researchers argue.

Presented at BlackHat USA 2017 by Itzik Kotler and Amit Klein from SafeBreach Labs, the PoC tool relies on packing data inside an executable the main malware process creates on the compromised endpoint.

Read More

Leave a reply


Categories

TUESDAY, OCTOBER 17, 2017

Featured

Archives

Latest Comments

Social Networks