Ransomware attackers introduce new EDR killer to their arsenal
#1
Quote:Sophos analysts recently encountered a new EDR-killing utility being deployed by a criminal group who were trying to attack an organization with ransomware called RansomHub. While the ransomware attack ultimately was unsuccessful, the postmortem analysis of the attack revealed the existence of a new tool designed to terminate endpoint protection software. We are calling this tool EDRKillShifter. 


Full Article_Source
 
RansomHub's New Malware EDRKillShifter

Additional Info HERE
[-] The following 2 users say Thank You to dhruv2193 for this post:
  • harlan4096, jasonX
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AMD Strix Halo iGPU naming revealed: Rad...
Please note that t...harlan4096 — 12:36
Waterfox 6.5.1
6.5.1​ Fixes​ ...harlan4096 — 12:34
QOwnNotes 19.1.6
24.11.1 The mar...Kool — 15:27
Intel Core Ultra 200S Arrow Lake-S desk...
Intel confirms Core ...harlan4096 — 08:46
How (not) to play tanks and catch a back...
Cybercriminals hav...harlan4096 — 17:59

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (39)idilamoz
avatar (56)Stefanos
avatar (29)alison30
avatar (29)marcojanson42

[-]
Online Staff
There are no staff members currently online.

>