National Cyber Warfare Foundation (NCWF)

Iranian Hackers Hijack AppDomainManager to Bypass EDR


2026-06-01 11:23:14
milo
Red Team (CNA)

Iran-linked hackers have upgraded their tradecraft by using AppDomainManager hijacking in .NET applications to turn off security telemetry before malicious code fully starts, making it much harder for endpoint detection and response tools to spot the attack. The campaign, attributed to the Iran-nexus group Screening Serpens, pairs this technique with DLL sideloading, fake job lures, and staged […]


The post Iranian Hackers Hijack AppDomainManager to Bypass EDR appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/iranian-hackers-hijack-appdomainmanager/




