A new Moonwalk++ proof-of-concept (PoC) shows how malware can spoof Windows call stacks while staying encrypted in memory, bypassing modern EDR detection. The research highlights blind spots in stack-based telemetry increasingly relied on by enterprise defenders. “Public detection tools fail entirely to recognize the call stack tampering,” said the researcher. Moonwalk++ Shows the Limits of […]
First seen on esecurityplanet.com
Jump to article: www.esecurityplanet.com/threats/moonwalk-bypasses-edr-by-spoofing-windows-call-stacks/

