Attackers Use AI to Automate EDR Evasion Testing
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection.
Shanya is the latest in an emerging field of packing malware, selling obfuscation functionality in order to help ransomware actors reach their target.
A threat actor is using a sophisticated EDR-killing malware tool in a campaign to maintain long-term, persistent access on Windows systems.
Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework.
Next-level malware represents a new era of malicious code developed specifically to get around modern security software like digital forensics tools and EDR, new research warns.
Malware authors have iterated on one of the premier encryptors on the market, building something even bigger and better.
The previously unknown malware (aka Hidden Shovel) is a ghost in the machine: It silently attacks kernel drivers to shut down security defense systems and thus evade detection.
Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines.
Attackers are using custom malware to exploit drivers and terminate security processes so they can deploy ransomware.
Researchers warn that polymorphic malware created with ChatGPT and other LLMs will force a reinvention of security automation.
New Golang cyberattacks use deep space images and a new obfuscator to target systems — undetected.