Although many principles of deception have been applied in military and intelligence domains for many years it has only been applied within the enterprise space for the past few years as technology and understanding has grown to provide cyber defenders with a new capability.
A common means of attack used by the WannaCry and Slingshot malware, among others, is through kernel code injections. The recently released Windows 10 Creators Update introduces new techniques for mitigating against remote code execution, of which, one to pay attention to is the Arbitrary Code Guard – an update on the Dynamic Code Restrictions mitigation.
It is no secret that cybercrime is growing at times and its attacks are increasingly sophisticated and harmful for organizations. No one is safe from being the victim of an attack, being attacked is only a matter of time.