EDR – Page 2 – Computer Security Articles

Microsoft Revokes Malicious Drivers in Patch Tuesday Culling

July 11, 2023 admin 2023-07, anti-edr, drivers, drivers.stl, EDR, Featured, fivesys, fk_undead, fu rootkit, netfilter, Patch Tuesday, patches, rootkit, sophos x-ops, threat research, uac, wfp, windows filtering platform, Windows update

Credit to Author: Andrew Brandt| Date: Tue, 11 Jul 2023 17:20:38 +0000

In December 2022, Microsoft published their monthly Windows Update packages that included an advisory about malicious drivers, signed by Microsoft and other code-signing authorities, that Sophos X-Ops (and others) observed threat actors abusing during attacks. Today, Microsoft issued Security Advisory ADV230001 as part of their July Windows Update that addresses Sophos’ discovery of more than […]

Security Sophos

‘AuKill’ EDR killer malware abuses Process Explorer driver

April 19, 2023 admin active adversary, active adversary playbook, anti-edr, aukill, backstab, EDR, edr killer, Featured, malware, process explorer, procexp, sophos x-ops, Targeted Attacks, threat research

Credit to Author: Andrew Brandt| Date: Wed, 19 Apr 2023 10:00:43 +0000

Driver based attacks against security products are on the rise

Security Sophos

Defenders vs. Adversaries: The Two-Speed Cybersecurity 2023 Race

April 4, 2023 admin active adversary, EDR, Endpoint, Featured, mdr, Network, products & services, security operations, XDR

Credit to Author: Sally Adam| Date: Tue, 04 Apr 2023 09:45:12 +0000

Slowed by multiple headwinds, defenders are falling behind while adversaries continue to accelerate. Organizations need to speed up the defender flywheel to enable them to pull ahead.

MalwareBytes Security

Play ransomware group claims to have stolen hotel chain data

December 21, 2022 admin breach, EDR, extortion, h-hotel, news, play ransomware, ransomware, threat

Categories: News

Tags: H-Hotel

Tags: Play ransomware

Tags: ransomware

Tags: extortion

Tags: threat

Tags: breach

Tags: EDR

A ransomware group claims to have stolen data from the H-Hotel chain, and is now threatening to leak it if the ransom is not paid

Security Sophos

Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse

October 4, 2022 admin blackbyte, EDR, Featured, ransomware, sophos x-ops, threat research

Credit to Author: Angela Gunn| Date: Tue, 04 Oct 2022 11:00:33 +0000

A fresh exploration of the malware uncovers a new tactic for bypassing security products by abusing a known driver vulnerability

Kaspersky Security

Kaspersky EDR optimum updated | Kaspersky official blog

September 20, 2022 admin Business, EDR, enterprise, Products, Threat Intelligence, XDR

Credit to Author: Eugene Kaspersky| Date: Tue, 20 Sep 2022 11:00:23 +0000

Kaspersky presents the new edition of Endpoint Detection and Response (EDR) Optimum.

Kaspersky Security

Kaspersky EDR comes first in SE Labs tests.

August 18, 2022 admin Business, EDR, enterprise, independent tests, Products, SE Labs, tests

Credit to Author: Kaspersky Team| Date: Thu, 18 Aug 2022 11:00:03 +0000

The Kaspersky EDR solution received top marks in SE Labs tests, based on real methods used by cybercriminal groups Wizard Spider, Sandworm, Lazarus and Wocao.

MalwareBytes Security

CISA and FBI issue alert about Zeppelin ransomware

August 16, 2022 admin authentication, backups, EDR, malvertising, mfa, news, patching, phishing, ransomware, RDP, SonicWall, zeppelin

Categories: News

Categories: Ransomware

Tags: Zeppelin

Tags: ransomware

Tags: RDP

Tags: Sonicwall

Tags: phishing

Tags: malvertising

Tags: backups

Tags: authentication

Tags: mfa

Tags: patching

Tags: EDR

The FBI and CISA have issued a joint Cybersecurity Advisory (CSA) to raise awareness about Zeppelin ransomware

(Read more…)

The post CISA and FBI issue alert about Zeppelin ransomware appeared first on Malwarebytes Labs.