Kant's Times

New Research Links RansomHub’s EDRKillShifter to Established Ransomware Gangs Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks 위협 개요신생 RaaS(서비스형 랜섬웨어) 그룹 RansomHub가 배포한 EDRKillShifter 도구가 Medusa, BianLian, Play 등 기존 랜섬웨어 조직에서도 재사용됨EDRKillShifter는 EDR(엔드포인트 탐지 대응) 솔루션을 우회하거나 종료하기 위한 맞춤형 킬러 도구로, 2024년 5월 처음 등장도구 특성과 공격 기법BYOVD(취약한 드라이버 가져오기, Bring Your Own Vulnera..

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus ProtectionsTrend Micro tracked this group as Water Bakunawa, behind the RansomHub ransomware, employs various anti-EDR techniques to play a high-stakes game of hide and seek with security solutions.www.trendmicro.com 개요RansomHub 랜섬웨어는 Wat..