T1055 on sentinelchangelog.net

T1055 on sentinelchangelog.nethttp://sentinelchangelog.net/tags/t1055/Recent content in T1055 on sentinelchangelog.netHugo -- 0.157.0enTue, 26 May 2026 09:05:22 +0000Defender for Endpoint: Cryptographic Identity Baselining Hunting Query for Process Network Anomalieshttp://sentinelchangelog.net/posts/2026-05-26-pr-14333/Tue, 26 May 2026 09:05:22 +0000http://sentinelchangelog.net/posts/2026-05-26-pr-14333/New hunting query detects first-time network connections by processes using cryptographic signer baselining to defeat DLL sideloading and BYOTA attacks.ETW-Resistant .NET Fileless Injection Detection via Kernel-Level CLR Loadinghttp://sentinelchangelog.net/posts/2026-05-21-pr-14314/Thu, 21 May 2026 12:14:25 +0000http://sentinelchangelog.net/posts/2026-05-21-pr-14314/New hunting query detects fileless .NET execution even when attackers patch ETW by monitoring kernel-level .NET runtime DLL loading in native processes and untrusted paths.