#EDRkiller tool uses signed #kernel driver from forensic software

https://www.bleepingcomputer.com/news/security/edr-killer-tool-uses-signed-kernel-driver-from-forensic-software/

#EnCase #cybersecurity #EDR #DigitalForensics

🚨 EDR Killer Tools are targeting German enterprises!

From healthcare to energy, attackers are bypassing defenses with tools like Aukill & KernelMode. Is your business prepared? 💻🔒

#Cybersecurity #InfoSec #NetworkSecurity #DataProtection #EDR #EDRKiller

With these new developments, what was formerly just an #EDRkiller tool is now a mechanism for #EDR impairment and subversion of the operating system itself. Sophos will continue to monitor developments in this threat actor's arsenal.

https://news.sophos.com/en-us/2024/08/27/burnt-cigar-2/