December 8, 2023 By Pierluigi Paganini
Researchers devised a novel attack vector for process injection, dubbed Pool Party, that evades endpoint detection and response (EDR) solutions.
Researchers from cybersecurity firm SafeBreach devised a set of process injection techniques, dubbed Pool Party, that can bypass EDR solutions. They presented the techniques at Black Hat Europe 2023.
The experts turned to the less-explored Windows thread pools and found in them a novel attack vector for process injection.
The researchers discovered eight new process injection techniques that allowed them to trigger malicious execution as a result of a legitimate operation.