Friday 26 June 2026 09:13:35 GMT+02:00

Netcrook

HomeManifesto
News
Corporate Security IncidentsCloud, SaaS & Identity SecurityIndustrial Cybersecurity & Critical InfrastructureCyber Intelligence, TrendsAI Security & Agentic SystemsCyber Intelligence & Threat TrendsCyber WarfareCyber Warfare & Nation-State OperationsCyber CriminalityBreaches & Data LeaksCybercrimeMalware & BotnetsRansomware & ExtortionSecurity Awareness & Social EngineeringLegal PolicyLegal, Policy & Government CybersecurityPrivacy, Regulation & ComplianceTechnology, InnovationTechnology, Innovation & Digital InfrastructureVulnerabilities Patch ManagementResearch, Exploits & Offensive SecurityVulnerabilities & Patch Management
Techcrook
Tutte le tecnologieIdentita e accessoFirewall e reteBackup e archiviazioneEnergia e continuitaPrivacy e sicurezza fisicaLaboratorio e prototipazioneStampa e tracciabilitaTecnologia quotidiana
Geocrook
AfricaAsiaEuropeMiddle EastNorth AmericaOceaniaSouth America
WikicrookTeamAppContact
EnglishItalianoArabic

#EDR bypass

Ghost Frames Turns the Endpoint’s Own Memory of Itself Into the Weak Link

22 June 2026 14:45Research, Exploits & Offensive SecurityEurope / FinlandDEBUGSAGE

A reported call-stack manipulation technique puts a rare kind of pressure on EDR: if the stack can be made to look normal, one of its best context signals can become less useful.

#Ghost Frames | #EDR bypass | #call-stack detection

A Ransomware Brand With Old Habits and New Evasion Tricks

04 June 2026 10:26Ransomware & ExtortionLOGICFALCON

Payouts King is being described as a post-BlackBasta threat that pairs social engineering overlap with code designed to frustrate some endpoint defenses.

#Payouts King | #EDR bypass | #direct syscalls

When the Startup Path Becomes the Attack Path

01 June 2026 14:28Cyber Warfare & Nation-State OperationsMiddle East / IranAGONY

A reported .NET abuse chain shows how defenders can lose visibility before an application fully settles, especially when startup manipulation is paired with DLL sideloading and recruitment-themed lures.

#AppDomainManager hijack | #EDR bypass | #DLL sideloading

When Signed Drivers Become the Weapon: The BYOVD Path into Ransomware

13 May 2026 09:48Malware & BotnetsNorth America / USAIRONQUERY

A Windows trust mechanism meant to protect endpoints can be turned against them, letting attackers use vulnerable drivers to undermine security controls before ransomware takes hold.

#BYOVD | #Kaspersky | #endpoint defenses