{"id":1157,"date":"2024-10-22T18:11:40","date_gmt":"2024-10-22T16:11:40","guid":{"rendered":"https:\/\/ayrilys.com\/?p=1157"},"modified":"2024-10-22T18:15:32","modified_gmt":"2024-10-22T16:15:32","slug":"des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection","status":"publish","type":"post","link":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/","title":{"rendered":"Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection"},"content":{"rendered":"\n

Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection<\/strong><\/p>\n\n\n\n

R\u00e9sum\u00e9 de l’article :<\/strong><\/p>\n\n\n\n

EDRSilencer<\/strong>, un outil initialement con\u00e7u pour les tests de p\u00e9n\u00e9tration et les exercices de red team, a \u00e9t\u00e9 d\u00e9tourn\u00e9 par des pirates pour am\u00e9liorer leurs attaques. Cet outil utilise la Windows Filtering Platform (WFP)<\/strong> pour bloquer la communication r\u00e9seau des agents EDR (Endpoint Detection and Response), emp\u00eachant ainsi l\u2019envoi de donn\u00e9es t\u00e9l\u00e9m\u00e9triques et d\u2019alertes aux consoles de gestion.<\/p>\n\n\n\n

Les filtres WFP cr\u00e9\u00e9s par EDRSilencer ciblent les processus des outils EDR courants, comme Defender for Endpoint, SentinelOne, et Carbon Black. Ces filtres sont persistants et peuvent survivre aux red\u00e9marrages du syst\u00e8me, rendant les logiciels malveillants plus difficiles \u00e0 d\u00e9tecter et \u00e0 supprimer.<\/p>\n\n\n\n

Les chercheurs de Trend Micro ont confirm\u00e9 l\u2019efficacit\u00e9 de cet outil pour masquer la pr\u00e9sence de logiciels malveillants, rendant les syst\u00e8mes vuln\u00e9rables \u00e0 des attaques plus sophistiqu\u00e9es.<\/p>\n\n\n\n

D\u00e9tail de l’article :<\/strong><\/p>\n\n\n\n

Outil couramment utilis\u00e9 en red team, EDRSilencer a \u00e9t\u00e9 d\u00e9tourn\u00e9 de son usage par des pirates pour court-circuiter la plateforme de filtrage de Windows en emp\u00eachant les solutions de d\u00e9tection et de r\u00e9ponse \u00e0 incidents de signaler les malwares.<\/p>\n\n\n\n

\"La
La chaine d’attaque d’EDRSilencer. (cr\u00e9dit : Tred Micro)<\/figcaption><\/figure>\n\n\n\n

D\u00e9velopp\u00e9 pour les tests de p\u00e9n\u00e9tration et les exercices des \u00e9quipes offensives en cybers\u00e9curit\u00e9 (red team), EDRSilencer a \u00e9t\u00e9 trafiqu\u00e9 par des pirates afin d’am\u00e9liorer leurs attaques. Cet outil exploite la plateforme de filtrage Windows Filtering Platform (WFP) pour bloquer la communication r\u00e9seau des agents logiciels EDR, les emp\u00eachant ainsi d’envoyer des donn\u00e9es t\u00e9l\u00e9m\u00e9triques ou des alertes aux consoles de gestion surveill\u00e9es par les \u00e9quipes de s\u00e9curit\u00e9.<\/p>\n\n\n\n

\u00ab Cet outil apporte la preuve qu\u2019il est possible de d\u00e9tourner une technique de ses adversaires pour \u00e9chapper \u00e0 la d\u00e9tection : le blocage du trafic EDR peut masquer la pr\u00e9sence de logiciels sur un syst\u00e8me, ce qui les rend plus difficiles \u00e0 identifier et \u00e0 supprimer \u00bb, ont expliqu\u00e9 les chercheurs de l\u2019entreprise de s\u00e9curit\u00e9 Trend Micro dans un rapport<\/a>. L’\u00e9quipe de l’\u00e9diteur et ses chasseurs de menaces se sont int\u00e9ress\u00e9s de plus pr\u00e8s \u00e0 EDRSilencer et \u00e0 son fonctionnement apr\u00e8s avoir constat\u00e9 que des attaquants essayaient de l’int\u00e9grer dans leurs op\u00e9rations. Il s\u2019av\u00e8re que cet outil open-source s’inspire d’un outil propri\u00e9taire appel\u00e9 FireBlock, cr\u00e9\u00e9 par l\u2019entreprise britannique MDSec, sp\u00e9cialis\u00e9e dans la simulation d\u2019attaques et les tests de p\u00e9n\u00e9tration.<\/p>\n\n\n\n

De nombreux EDR r\u00e9duits au silence<\/h2>\n\n\n\n

WFP est un ensemble d’API et de services Windows que les d\u00e9veloppeurs peuvent utiliser pour interagir avec le traitement des paquets r\u00e9seau au sein de la pile r\u00e9seau de Windows. G\u00e9n\u00e9ralement, cette puissante capacit\u00e9 est exploit\u00e9e par les pare-feux et d’autres applications de s\u00e9curit\u00e9 pour surveiller, bloquer ou modifier les paquets r\u00e9seau en fonction des adresses IP, des ports, des processus d’origine, etc. EDRSilencer cr\u00e9e des filtres WFP qui ciblent les processus associ\u00e9s aux outils EDR les plus courants.<\/p>\n\n\n\n

Les agents pris en charge par d\u00e9faut comprennent Defender for Endpoint et Antivirus, Elastic EDR, Trellix EDR, Qualys EDR, SentinelOne, Cylance, Cybereason, Carbon Black EDR et Cloud, Tanium, Palo Alto Networks Traps\/Cortex XDR, FortiEDR, Cisco Secure Endpoint (anciennement Cisco AMP), ESET Inspect, Harfanglab EDR et TrendMicro Apex One. Si l’agent EDR install\u00e9 sur un syst\u00e8me ne figure pas dans cette liste et n’est pas automatiquement reconnu, l’utilisateur peut indiquer le chemin d’acc\u00e8s complet au processus dont il souhaite bloquer les communications r\u00e9seau. En th\u00e9orie, l’outil pourrait donc bloquer le trafic r\u00e9seau de n’importe quel programme et pas seulement des agents EDR.<\/p>\n\n\n\n

L’identifiant unique du PAM captur\u00e9<\/h2>\n\n\n\n

Les filtres WPF d\u00e9ploy\u00e9s par l’outil sont persistants, ce qui signifie qu’ils survivront aux red\u00e9marrages du syst\u00e8me et que l’outil lui-m\u00eame peut \u00eatre d\u00e9ploy\u00e9 directement dans la m\u00e9moire par d’autres implants de test de p\u00e9n\u00e9tration dot\u00e9s de modules d’ex\u00e9cution PE (Portable Execution). Cela veut aussi dire qu’il prend en charge l’ex\u00e9cution sans fichier. Le d\u00e9veloppeur d’EDRSilencer a m\u00eame mis en \u0153uvre une technique pour obtenir l’identifiant unique de l’application de gestion des acc\u00e8s \u00e0 privil\u00e8ges (privileged access management ou PAM) du processus cibl\u00e9 tout en \u00e9vitant de d\u00e9clencher les m\u00e9canismes d’autod\u00e9fense de certains processus EDR qui pourraient d\u00e9tecter des tentatives d’application d’un filtre WPF contre eux-m\u00eames. \u00ab Certains contr\u00f4les EDR (le minifiltre, par exemple) refusent l’acc\u00e8s lorsqu’un processus tente d’obtenir un handle de fichier de ses processus EDR (par exemple, via CreateFileW) \u00bb, a indiqu\u00e9<\/a> le d\u00e9veloppeur sur GitHub. \u00ab Cependant, l’API FwpmGetAppIdFromFileName0, utilis\u00e9e pour obtenir l’identifiant d’application FWP du processus EDR cibl\u00e9, appelle CreateFileW en interne. Pour \u00e9viter cela, un FwpmGetAppIdFromFileName0 personnalis\u00e9 a \u00e9t\u00e9 mis en \u0153uvre pour construire l’identifiant de l’application sans invoquer CreateFileW, \u00e9vitant ainsi des \u00e9checs inattendus lors de l’ajout d’un filtre WFP \u00e0 un processus EDR. \u00bb<\/p>\n\n\n\n

Lorsque les chercheurs de Trend Micro ont test\u00e9 l’outil contre l\u2019agent maison Vision One Endpoint Agent qui n’est pas pris en charge par d\u00e9faut, celui-ci n’a pas r\u00e9ussi \u00e0 identifier et \u00e0 bloquer compl\u00e8tement les communications r\u00e9seau pour tous les composants. Cependant, ils ont utilis\u00e9 avec succ\u00e8s la commande de blocage de l’outil avec un chemin d’acc\u00e8s complet aux processus. \u00ab Quand nous avons ex\u00e9cut\u00e9 un binaire de ransomware, aucun journal n’a \u00e9t\u00e9 affich\u00e9 sur le portail, l’appareil semblait d\u00e9connect\u00e9 ou inactif, ce qui indique que l’outil \u00e9tait efficace \u00bb, ont d\u00e9clar\u00e9 les chercheurs.<\/p>\n\n\n\n

Une erreur dans l’article?Proposez-nous une correction<\/a><\/p>\n\n\n\n

Article r\u00e9dig\u00e9 par<\/p>\n\n\n\n

Lucian Constantin, CSO (adapt\u00e9 par Jean Elyan)<\/p>\n","protected":false},"excerpt":{"rendered":"

Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection R\u00e9sum\u00e9 de l’article : EDRSilencer, un outil initialement con\u00e7u pour les tests de p\u00e9n\u00e9tration et les exercices de red team, a \u00e9t\u00e9 d\u00e9tourn\u00e9 par des pirates pour am\u00e9liorer leurs attaques. Cet outil utilise la Windows Filtering Platform (WFP) pour bloquer la communication r\u00e9seau des agents EDR (Endpoint Detection…<\/p>\n","protected":false},"author":1,"featured_media":920,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kadence_starter_templates_imported_post":false,"_kad_post_transparent":"","_kad_post_title":"hide","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":true,"token":"eyJpbWciOiJodHRwczpcL1wvYXlyaWx5cy5jb21cL3dwLWNvbnRlbnRcL3VwbG9hZHNcLzIwMjRcLzA5XC9UcmFuc2Zvcm1hdGlvbi1udW1lcmlxdWUuanBnIiwidHh0IjoiRGVzIGF0dGFxdWFudHMgZFx1MDBlOXRvdXJuZW50IEVEUlNpbGVuY2VyIHBvdXIgXHUwMGU5Y2hhcHBlciBcdTAwZTAgbGEgZFx1MDBlOXRlY3Rpb24iLCJ0ZW1wbGF0ZSI6ImhpZ2h3YXkiLCJibG9nX2lkIjoyMzUzMzUwMjN9.UfWhfUZiBSYdgD_KLwQqTaZRrNzKi5lr9cn3zuER0TwMQ"},"version":2,"attached_media":[{"id":920,"url":"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg","type":"image\/jpeg"}]}},"categories":[20,22],"tags":[],"class_list":["post-1157","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-accueil","category-securite-informatique"],"yoast_head":"\r\nEDRSilencer : Le d\u00e9tournement qui met les PME en danger Prestataire informatique depuis 2003 pour les PME\/PMI S\u00e9curit\u00e9 informatique -<\/title>\r\n<meta name=\"description\" content=\"D\u00e9couvrez les dangers de la d\u00e9tournement de l'outil EDRSilencer et comment il met en p\u00e9ril la cybers\u00e9curit\u00e9 des PME.\" \/>\r\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\r\n<link rel=\"canonical\" href=\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/\" \/>\r\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\r\n<meta property=\"og:type\" content=\"article\" \/>\r\n<meta property=\"og:title\" content=\"Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection\" \/>\r\n<meta property=\"og:description\" content=\"Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection Prestataire informatique depuis 2003 pour les PME\/PMI\" \/>\r\n<meta property=\"og:url\" content=\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/\" \/>\r\n<meta property=\"og:site_name\" content=\"Prestataire informatique depuis 2003 pour les PME\/PMI\" \/>\r\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=61563219240658\" \/>\r\n<meta property=\"article:published_time\" content=\"2024-10-22T16:11:40+00:00\" \/>\r\n<meta property=\"article:modified_time\" content=\"2024-10-22T16:15:32+00:00\" \/>\r\n<meta property=\"og:image\" content=\"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg\" \/>\r\n\t<meta property=\"og:image:width\" content=\"640\" \/>\r\n\t<meta property=\"og:image:height\" content=\"285\" \/>\r\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\r\n<meta name=\"author\" content=\"admin\" \/>\r\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\r\n<meta name=\"twitter:creator\" content=\"@Ayrilys165097\" \/>\r\n<meta name=\"twitter:site\" content=\"@Ayrilys165097\" \/>\r\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\r\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/ayrilys.com\/#\/schema\/person\/a0005f5083786553a31b7393beac4f94\"},\"headline\":\"Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection\",\"datePublished\":\"2024-10-22T16:11:40+00:00\",\"dateModified\":\"2024-10-22T16:15:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/\"},\"wordCount\":1036,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/ayrilys.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg\",\"articleSection\":[\"Accueil\",\"S\u00e9curit\u00e9 informatique\"],\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/\",\"url\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/\",\"name\":\"EDRSilencer : Le d\u00e9tournement qui met les PME en danger Prestataire informatique depuis 2003 pour les PME\/PMI S\u00e9curit\u00e9 informatique -\",\"isPartOf\":{\"@id\":\"https:\/\/ayrilys.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg\",\"datePublished\":\"2024-10-22T16:11:40+00:00\",\"dateModified\":\"2024-10-22T16:15:32+00:00\",\"description\":\"D\u00e9couvrez les dangers de la d\u00e9tournement de l'outil EDRSilencer et comment il met en p\u00e9ril la cybers\u00e9curit\u00e9 des PME.\",\"breadcrumb\":{\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#primaryimage\",\"url\":\"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg\",\"contentUrl\":\"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg\",\"width\":640,\"height\":285},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/ayrilys.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ayrilys.com\/#website\",\"url\":\"https:\/\/ayrilys.com\/\",\"name\":\"Ayrilys prestataire informatique infog\u00e9rance PME TPE MSP depuis 2003 sur Viroflay\",\"description\":\"Prestataire informatique PME TPE sur Viroflay en ile de France depuis plus de 20 ans\",\"publisher\":{\"@id\":\"https:\/\/ayrilys.com\/#organization\"},\"alternateName\":\"Ayriliys infog\u00e9rance fournisseur de services manag\u00e9s MSP PME TPE Viroflay\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ayrilys.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/ayrilys.com\/#organization\",\"name\":\"Ayrilys\",\"url\":\"https:\/\/ayrilys.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/ayrilys.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/07\/Ayrilys-Logo-V1.png\",\"contentUrl\":\"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/07\/Ayrilys-Logo-V1.png\",\"width\":119,\"height\":64,\"caption\":\"Ayrilys\"},\"image\":{\"@id\":\"https:\/\/ayrilys.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/profile.php?id=61563219240658\",\"https:\/\/x.com\/Ayrilys165097\"],\"description\":\"Prestataire informatique depuis plus de 20 ans pour les PME et TPE\",\"email\":\"ayrilys@ayrilys.com\",\"telephone\":\"+33139242197\",\"legalName\":\"Ayrilys\",\"foundingDate\":\"2003-01-01\",\"vatID\":\"FR90449159011\",\"taxID\":\"44915901100013\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"1\",\"maxValue\":\"10\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/ayrilys.com\/#\/schema\/person\/a0005f5083786553a31b7393beac4f94\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/ayrilys.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/673394efbb9f6f675f3aa2444209d504?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/673394efbb9f6f675f3aa2444209d504?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"http:\/\/ayrilys.com\"],\"url\":\"https:\/\/ayrilys.com\/index.php\/author\/admin\/\"}]}<\/script>\r\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"EDRSilencer : Le d\u00e9tournement qui met les PME en danger Prestataire informatique depuis 2003 pour les PME\/PMI S\u00e9curit\u00e9 informatique -","description":"D\u00e9couvrez les dangers de la d\u00e9tournement de l'outil EDRSilencer et comment il met en p\u00e9ril la cybers\u00e9curit\u00e9 des PME.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/","og_locale":"fr_FR","og_type":"article","og_title":"Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection","og_description":"Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection Prestataire informatique depuis 2003 pour les PME\/PMI","og_url":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/","og_site_name":"Prestataire informatique depuis 2003 pour les PME\/PMI","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=61563219240658","article_published_time":"2024-10-22T16:11:40+00:00","article_modified_time":"2024-10-22T16:15:32+00:00","og_image":[{"width":640,"height":285,"url":"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_creator":"@Ayrilys165097","twitter_site":"@Ayrilys165097","twitter_misc":{"\u00c9crit par":"admin","Dur\u00e9e de lecture estim\u00e9e":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#article","isPartOf":{"@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/"},"author":{"name":"admin","@id":"https:\/\/ayrilys.com\/#\/schema\/person\/a0005f5083786553a31b7393beac4f94"},"headline":"Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection","datePublished":"2024-10-22T16:11:40+00:00","dateModified":"2024-10-22T16:15:32+00:00","mainEntityOfPage":{"@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/"},"wordCount":1036,"commentCount":0,"publisher":{"@id":"https:\/\/ayrilys.com\/#organization"},"image":{"@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#primaryimage"},"thumbnailUrl":"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg","articleSection":["Accueil","S\u00e9curit\u00e9 informatique"],"inLanguage":"fr-FR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/","url":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/","name":"EDRSilencer : Le d\u00e9tournement qui met les PME en danger Prestataire informatique depuis 2003 pour les PME\/PMI S\u00e9curit\u00e9 informatique -","isPartOf":{"@id":"https:\/\/ayrilys.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#primaryimage"},"image":{"@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#primaryimage"},"thumbnailUrl":"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg","datePublished":"2024-10-22T16:11:40+00:00","dateModified":"2024-10-22T16:15:32+00:00","description":"D\u00e9couvrez les dangers de la d\u00e9tournement de l'outil EDRSilencer et comment il met en p\u00e9ril la cybers\u00e9curit\u00e9 des PME.","breadcrumb":{"@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#primaryimage","url":"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg","contentUrl":"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg","width":640,"height":285},{"@type":"BreadcrumbList","@id":"https:\/\/ayrilys.com\/index.php\/des-attaquants-detournent-edrsilencer-pour-echapper-a-la-detection\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/ayrilys.com\/"},{"@type":"ListItem","position":2,"name":"Des attaquants d\u00e9tournent EDRSilencer pour \u00e9chapper \u00e0 la d\u00e9tection"}]},{"@type":"WebSite","@id":"https:\/\/ayrilys.com\/#website","url":"https:\/\/ayrilys.com\/","name":"Ayrilys prestataire informatique infog\u00e9rance PME TPE MSP depuis 2003 sur Viroflay","description":"Prestataire informatique PME TPE sur Viroflay en ile de France depuis plus de 20 ans","publisher":{"@id":"https:\/\/ayrilys.com\/#organization"},"alternateName":"Ayriliys infog\u00e9rance fournisseur de services manag\u00e9s MSP PME TPE Viroflay","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ayrilys.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/ayrilys.com\/#organization","name":"Ayrilys","url":"https:\/\/ayrilys.com\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/ayrilys.com\/#\/schema\/logo\/image\/","url":"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/07\/Ayrilys-Logo-V1.png","contentUrl":"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/07\/Ayrilys-Logo-V1.png","width":119,"height":64,"caption":"Ayrilys"},"image":{"@id":"https:\/\/ayrilys.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=61563219240658","https:\/\/x.com\/Ayrilys165097"],"description":"Prestataire informatique depuis plus de 20 ans pour les PME et TPE","email":"ayrilys@ayrilys.com","telephone":"+33139242197","legalName":"Ayrilys","foundingDate":"2003-01-01","vatID":"FR90449159011","taxID":"44915901100013","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"1","maxValue":"10"}},{"@type":"Person","@id":"https:\/\/ayrilys.com\/#\/schema\/person\/a0005f5083786553a31b7393beac4f94","name":"admin","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/ayrilys.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/673394efbb9f6f675f3aa2444209d504?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/673394efbb9f6f675f3aa2444209d504?s=96&d=mm&r=g","caption":"admin"},"sameAs":["http:\/\/ayrilys.com"],"url":"https:\/\/ayrilys.com\/index.php\/author\/admin\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/ayrilys.com\/wp-content\/uploads\/2024\/09\/Transformation-numerique.jpg","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/posts\/1157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/comments?post=1157"}],"version-history":[{"count":2,"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/posts\/1157\/revisions"}],"predecessor-version":[{"id":1160,"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/posts\/1157\/revisions\/1160"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/media\/920"}],"wp:attachment":[{"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/media?parent=1157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/categories?post=1157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ayrilys.com\/index.php\/wp-json\/wp\/v2\/tags?post=1157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}