Ransomware gangs increasingly brandish EDR bypass tools
Ransomware actors are increasingly abusing vulnerable drivers to craft tools known as "EDR killers," which can disrupt and ...
SecurityWeek13 小时
Ransomware Groups Increasingly Adopting EDR Killer Tools
ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.
The Hacker News12 小时
Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks
RansomHub's EDRKillShifter used in 2024 ransomware by Medusa, BianLian, and Play, revealing cross-gang tool sharing.
Medusa ransomware is able to disable anti-malware tools, so be on your guard
Operators of the Medusa ransomware are engaging in old-fashioned bring-your-own-vulnerable-driver (BYOD) attacks, bypassing ...
WeLiveSecurity13 小时
RansomHub affiliates linked to rival RaaS gangs
ESET researchers also examine the growing threat posed by tools that ransomware affiliates deploy in an attempt to disrupt EDR security solutions ...
WeLiveSecurity1 天
Shifting the sands of RansomHub’s EDRKillShifter
ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play.
The Hacker News5 天
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
Medusa ransomware uses ABYSSWORKER driver with stolen certificates to disable EDR and enable RDP access, risking data ...
ITWeb on MSN1 天
Detection and response guide for humans: Decoding MDR, EDR, NDR, XDR
Detection and response solutions have advanced to address the constantly evolving sophistication of cyber attacks.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
Researchers from Zscaler ThreatLabz said they recently observed CoffeeLoader in the wild, describing it as a “sophisticated” ...