Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
Cybercriminals Unleash EDRKillShifter: Your Antivirus Doesn’t Stand a Chance!
Cybercriminals have unleashed EDRKillShifter, a malware tool designed to kill endpoint detection and response (EDR) systems and pave the way for ransomware attacks. Sophos discovered this, noting its failure in one attempt. Businesses should bolster tamper protection and maintain strong Windows security practices to counter…
Hot Take:
Antivirus programs are supposed to be the bodyguards of your digital world, but it looks like these cybercriminals have found a way to turn them into sitting ducks. Meet EDRKillShifter, the new “antivirus exterminator” on the block, making ransomware attacks more successful than ever before. It’s like bringing a bazooka to a knife fight!
Key Points:
- Cybercriminals are using a new malware tool called EDRKillShifter to disable antivirus programs.
- EDRKillShifter was spotted in use by the ransomware group RansomHub.
- Sophos suggests the tool may be available on the dark web, used by multiple attackers.
- EDRKillShifter works by deploying vulnerable drivers to exploit and disable endpoint detection and response (EDR) systems.
- Businesses are advised to enable tamper protection and practice strong security hygiene to defend against such threats.
Already a member? Log in here