How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections
September 20, 2024 at 11:25AM The article discusses the Ransomhub ransomware’s utilization of EDRKillShifter to disable EDR and antivirus protections. Ransomhub also exploits the Zerologon vulnerability to take control of networks without authentication. The group has attacked various industries, employed spear-phishing, and used the affiliate model. Trend Micro’s Vision One telemetry data aided in uncovering … Read more