<ul><li>Security researchers from Akamai discovered a new method to run malware on Windows devices without triggering EDR tools.</li><li>The malware abuses the UI Automation accessibility feature, making it difficult for antivirus programs to detect.</li><li>Admins can monitor the OS for suspicious activity by monitoring the use of UIAutomationCore.dll and the named pipes opened by the UIA.</li><li>UI Automation can be used to execute stealthy command execution, posing risks such as data harvesting and browser redirection.</li></ul>

This devious new malware technique looks to hijack Windows itself to avoid detection

Discover more