March 04, 2024 It’ll be back: Attackers still abusing Terminator tool and variants First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions Threat Research
October 04, 2022 Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse A fresh exploration of the malware uncovers a new tactic for bypassing security products by abusing a known driver vulnerability Threat Research
