Threat actors are using a new tool called AuKill to disable endpoint detection and response (EDR) software and deploy malicious software such as ransomware.
The tool relies on an outdated version of a Microsoft driver to bypass a Windows security mechanism.
AuKill is one of many tools used by cybercriminals that are designed to evade detection and persist in compromised environments.
These tools include custom data harvesting tools, VSS Copying Tool, and a GoLang ransomware called CrossLock that utilizes the double-extortion technique.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply