Ian Nickles
Results: 2 issues of Ian Nickles
### Summary

Event filtering in Sysmon For Linux incorrectly assumes event data, such as executable image paths, will be valid UTF-8 and that conversion to UTF-16 will always succeed. This...
investigate
One can reliably create ProcessGUID collisions from different ProcessCreate events by launching non-Position Independent Executables (PIE) within a second. This has been an issue for me, trying to correlate events....
investigate