A naukri.com initiative
Securityaffairs
1w
197
Image Credit: Securityaffairs
Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools
- Medusa ransomware campaign tracked by Elastic Security Labs.
- Attackers use a malicious Windows driver named ABYSSWORKER to disable EDR tools.
- Driver masquerades as a CrowdStrike Falcon driver and is signed with a revoked Chinese certificate.
- ABYSSWORKER uses various techniques to obstruct static analysis and disable EDR systems.
Read Full Article
11 Likes
For uninterrupted reading, download the app