Identifying Named Pipe Impersonation and Other Malicious Privilege Escalation Techniques

Image Credit
Advertisement


Privilege escalation is one of the key components of any attack that involves penetrating a system. If threat actors have limited access due to a current user’s privilege levels, they will naturally aim to escalate their privileges before expanding the scope of the attack. How can security professionals detect malicious escalation techniques before adversaries get a chance to compromise critical systems and sensitive data?

There are several ways to do that, but let’s focus specifically on one of the tricks most commonly employed by malware developers and attackers: the named pipe impersonation technique.

Advertisement