RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks
Submitted 2 months ago by cm0002@lemmy.zip to cybersecurity@infosec.pub
https://cybersecuritynews.com/realblindingedr-tool/
Submitted 2 months ago by cm0002@lemmy.zip to cybersecurity@infosec.pub
https://cybersecuritynews.com/realblindingedr-tool/
adespoton@lemmy.ca 2 months ago
That’s why any EDR worth its salt has detected both this and the attempted abuse of the signed drivers it uses since early 2024. Many will also block it from running.