I work in security, and I’ve seen a lot more EDR killers lately. Every incident I’ve seen regarding ransomware or potential ransomware has used EDR killers while compromising DCs, backup servers, file servers, and the odd workstation used for persistence.
I work in security, and I’ve seen a lot more EDR killers lately. Every incident I’ve seen regarding ransomware or potential ransomware has used EDR killers while compromising DCs, backup servers, file servers, and the odd workstation used for persistence.