Bleeping Computer

Microsoft Sysmon can now block malicious EXEs from being created

Microsoft has released Sysmon 14 with a new 'FileBlockExecutable' option that lets you block the creation of malicious executables, such as EXE, DLL, and SYS files, for better protection against ...
Bleeping Computer

Microsoft Sysmon now detects malware process tampering attempts

Microsoft has released Sysmon 13 with a new security feature that detects if a process has been tampered using process hollowing or process herpaderping techniques. To evade detection by security ...