Ransomware attackers introduce new EDR killer to their arsenal
Credit to Author: Andrew Brandt| Date: Wed, 14 Aug 2024 16:00:19 +0000
Sophos discovers the threat actors behind RansomHub ransomware using EDRKillShifter in attacks
Credit to Author: Matt Wixey| Date: Mon, 04 Mar 2024 11:00:08 +0000
First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions
Credit to Author: Andrew Brandt| Date: Tue, 13 Dec 2022 18:00:15 +0000
The criminals signed their AV-killer malware, closely related to one known as BURNTCIGAR, with a legitimate WHCP certificate
Categories: News | Tags: BYOVD, bring your own vulnerable driver, blocklist, microsoft, windows updates
We take a look at reports that Microsoft’s driver blocklist hadn’t been updated for three years, leaving people at risk from BYOVD attacks.
The post Microsoft fixes driver blocklist placing users at risk from BYOVD attacks appeared first on Malwarebytes Labs.