I published the following diary on isc.sans.org: “Investigating Microsoft BITS Activity“:
Microsoft BITS (“Background Intelligent Transfer Service”) is a tool present[1] in all modern Microsoft Windows operating systems. As the name says, you can see it as a “curl” or “wget” tool for Windows. It helps to transfer files between a server and a client but it also has plenty of interesting features. Such a tool, being always available, is priceless for attackers. They started to use BITS to grab malicious contents from the Internet… [Read more]
[The post [SANS ISC] Investigating Microsoft BITS Activity has been first published on /dev/random]
from Xavier
No comments:
Post a Comment