Shared secret: EDR killer in the kill chain
A look under the hood at a tool designed to disable protections
Similar Posts
GOLD SALEM’s Warlock operation joins busy ransomware landscape
Bys sThe emerging group demonstrates competent tradecraft using a familiar ransomware playbook and hints of ingenuity
AI Agents: The Next Wave Identity Dark Matter – Powerful, Invisible, and Unmanaged
Bys sThe Rise of MCPs in the Enterprise The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications, APIs, and data, MCP enables prompt-driven AI agents that can retrieve information, take action, and automate end-to-end business workflows across the enterprise. This…
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Bys sMicrosoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection,” Microsoft said in a report shared…
Data breach feared after cyberattack on AMEOS hospitals in Germany
Bys sDPA reports: A cyberattack on Swiss hospital group AMEOS may have exposed sensitive patient and staff data, the company said on Monday. The attack, which took place two weeks ago, caused significant disruption across the group’s German operations. The company described the episode as a targeted assault on its IT infrastructure. In a statement, AMEOS…
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX
Bys sPopular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are non-existent in the Open VSX registry, potentially opening the door to supply chain risks when bad actors publish malicious packages under those names. The problem, according to Koi,…
China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
Bys sMongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat (APT) group tracked as GopherWhisper. “The group wields a wide array of tools mostly written in Go, using injectors and loaders to deploy and execute various backdoors in its arsenal,” Slovakian cybersecurity company ESET said in a report shared…