Ransomware IAB abuses EDR for stealthy malware execution
An initial access broker tracked as Storm-0249 is abusing endpoint detection and response solutions and trusted Microsoft Windows utilities to load malware, establish communication, and persistence in preparation for ransomware attacks.
The threat ac...
news.fmisec.com3 min read