Illusion Gap - Antivirus Bypass

by Kasif Dekel
Nov. 25, 2017 0 comments www.cyberark.com Detection & Response antivirus malware

During our research, CyberArk Labs encountered a strange behavior in the file scanning process of Windows Defender. This problem may possibly exist in other anti-viruses, which we have not yet tested. This behavior led us to investigate the Antivirus scanning process over SMB shares and the outcome is a surprising cause for concern.

https://www.cyberark.com/threat-research-blog/illusion-gap-antivirus-bypass-part-1/