Recent Exploit Trend and Mitigation, detection Tactics
When the system gets higher level of mitigations, the attackers have to move away from tradition method of exploits. This happens with adoption of Windows 10. With recent improvements with Windows mitigation technologies like CFG, traditional code execution methods of function pointer overwrite are out of date. Now, there are three main trends observed in the Windows 10 exploit scene.
- Hunt for RW (Read and write) primitives and acquire full view of the memory
- Find logical vulnerabilities and exploit them
- Rely more on social engineering to execute malicious code