Threats Tagged 'edr killer'
Not very gentlemanly: Analyzing a zero-day exploit used to disable targets' EDRs

The Gentlemen ransomware group has exploited a previously unknown zero-day vulnerability in a third-party driver (ktapi.sys from Kontron) to disable endpoint detection and response (EDR) systems. This bring-your-own-vulnerable-driver (BYOVD) attack bypasses Windows kernel exploit mitigations, allowing attackers to execute privileged kernel functions from user mode and terminate security processes such as Windows Defender, ESET, Palo Alto Cortex XDR, and SentinelOne. The vulnerability was not publicly documented and was absent from known vulnerable driver blocklists at the time of discovery. No patch or official remediation has been reported.

AlienVault OTX | General | 06/30/2026, 16:35:05 UTC | Added: 07/01/2026, 07:21:30 UTC