    Hackers Are Increasingly Finding Ways to Bypass Advanced Cybersecurity Tools

    Are even modern EDR solutions powerless against the sophisticated methods of cybercriminals?

    EDR software is universally recognized as a good way to protect your organization from destructive attacks from ransomware and other malicious software. As hacking has become more destructive and pervasive, powerful EDR tools from companies like CrowdStrike and Microsoft have been a boon to the cybersecurity industry.

    Endpoint detection and response software is designed to detect early signs of malicious activity on an organization's laptops, servers, and other devices, the so-called "endpoints" of a computer network. These solutions are popular primarily because they block such threats before attackers can steal data or lock up working machines.

    However, researchers say that although the percentage of successful cyberattacks on computers with EDR installed is small, it is gradually growing. Over time, hackers are inventing more and more workarounds for some of the security technologies that have become the gold standard for protecting critical systems.

    For example, over the past two years, Mandiant has investigated 84 breaches in which EDR or other endpoint security software was modified or disabled.

    “Hacking security controls is nothing new,” said Mark Kerfi, a cybersecurity expert.

    He also added that the prize, if successful, is access to all organizations and systems using similar security technologies, which further motivates hackers to look for loopholes.

    Microsoft revealed in a blog post in December how hackers tricked the company into applying its seal of authenticity to malware that was later used to disable EDR and other security tools. Microsoft suspended the accounts of third-party developers involved in the ploy and said the company is "working on long-term solutions to address these fraudulent activities and prevent future impacts on customers."

    Every cybersecurity company has many such stories, because there is a wide variety of EDR solutions on the market and a “crowd of hackers” who continually “challenge” them.

    A decade ago, the dominant vendors of security products for PCs and other endpoints were antivirus software vendors. However, their popularity has declined over time, as constant hacker attacks repeatedly exposed the weaknesses of the technology.

    The rise in ransomware and other destructive attacks has spurred demand for EDR and similar technologies designed to detect and block infections at an early stage. These tools track more signals of malicious activity and automate many of the time-consuming tasks of investigating and remediating breaches.

    Since the same pattern is now repeating with EDR solutions, does this mean that in a few more years some more advanced security system will prevail in the corporate sector? Maybe, but so far EDR remains the most advanced endpoint protection solution and does its job much better than simple antivirus software. You just need to remember that even such a seemingly reliable protection system is by no means a panacea.

    Persistent and stubborn hackers are unlikely to be stopped by any single existing protection system. Therefore, in addition to having an EDR, you need a competent CISO in your company who will promptly monitor the situation and make the decisions that software cannot yet make.

    Author DeepWeb