Ransomware IAB Abuses EDR for Stealthy Malware Execution

Ransomware group Storm-0249 exploits EDR tools like SentinelOne to stealthily execute malware. Using social engineering, they trick users into running malicious commands that lead to DLL side-loading, making attacks appear as normal EDR processes, thus evading detection. Recommendations include behavior-based detection and stricter controls on execution of potentially harmful commands.

https://www.bleepingcomputer.com/news/security/ransomware-iab-abuses-edr-for-stealthy-malware-execution/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top