EDR

EDRKillShifter was used by the same affiliate in multiple attacks for different RaaS groups.

Rob from ThreatLocker comes on the show to talk about how we can disrupt attacker techniques, including Zero Trust, privilege escalation, LOLbins, and evil virtualization. In the news we talk about security appliances and vulnerabilities, rsync vulnerabilities, Shmoocon, hacking devices, and more! This segment is sponsored by ThreatLocker. Visit h...

Google's cookie encryption drama, Microsoft accusing Google of shady antitrust tactics, AI shenanigans, the rejected Defcon talk and hacking traffic lights, vulnerabilities in Realtek SD card readers, the never-ending debate on quantum computing vs. cryptography, backdoors are not secrets and where we are pushing attackers, firmware leakage, more o...

This week: The USB Army Knife that won't break the budget, I don't want to say EDR is useless (but there I said it), Paul's list of excellent hacking tips, FortiJump - an RCE that took a while to become public, do malware care if it's on a hypervisor?, MicroPython for fun and not for hacking?, an unspecified vulnerability, can you exploit speculati...

Cyberattacks have involved the exploitation of the open-source red team tool EDRSilencer to evade endpoint detection and response tools.

After achieving reconnaissance and privilege escalation, RansomHub proceeded with the exploitation of TDSSKiller with a command line script or batch file that enabled kernel-level service interaction disabling the Malwarebytes Anti-Malware Service without being flagged.

Potential sale of Secureworks was reported by Reuters quoting sources close to the matter to be assessed by Dell alongside Morgan Stanley and Piper Sandler, which prompted an increase in share prices for the cybersecurity firm.

While the hack failed, security pros say teams should maintain tight control of their drivers because attackers are looking for flaws to shut down EDR tools then launch ransomware.