cybersecurity

5183 readers

12 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks (cybersecuritynews.com)

submitted 1 month ago by cm0002@lemmy.zip to c/cybersecurity

1 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] adespoton@lemmy.ca 4 points 1 month ago

That’s why any EDR worth its salt has detected both this and the attempted abuse of the signed drivers it uses since early 2024. Many will also block it from running.

permalink
fedilink
source