Topic: EDR evasion

  • Ransomware Gangs Now Use Shanya EXE Packer to Evade EDR

    Cybersecurity threat groups are increasingly using the commercial **Shanya packer service** to encrypt and obfuscate ransomware payloads, making them difficult for traditional security tools to detect and block. The packer's unique, customized output for each customer helps bypass signature-based...

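Per-customer packer output defeats hash and byte-pattern signatures, so defenders fall back on properties that packing itself creates. The script below is an added illustration, not code from the article or from any vendor tool: it walks a PE section table by hand and flags sections whose Shannon entropy approaches 8 bits/byte (compressed or encrypted data) or that are mapped both writable and executable (a stub that decrypts a payload in place and then jumps into it). The input is a constructed minimal PE32 image built inside the script; the 7.0 bits/byte threshold, the section names and the SHA-256 counter-mode filler standing in for ciphertext are assumptions for the example, not values from the page.

```python
import hashlib
import math
import struct
from collections import Counter

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
ENTROPY_THRESHOLD = 7.0  # bits/byte (assumed cut-off); ciphertext sits near 8.0


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, ~8.0 for ciphertext."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def pe_sections(image: bytes):
    """Walk the PE section table; yields (name, raw_bytes, characteristics)."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, coff)
    table = coff + 20 + opt_size  # IMAGE_FILE_HEADER is 20 bytes, then the optional header
    for i in range(nsections):
        (name, _vsize, _vaddr, rawsize, rawptr,
         _, _, _, _, chars) = struct.unpack_from("<8sIIIIIIHHI", image, table + 40 * i)
        yield (name.rstrip(b"\0").decode("ascii", "replace"),
               image[rawptr:rawptr + rawsize], chars)


def section_report(image: bytes) -> dict:
    """Return {name: {"entropy": float, "rwx": bool}} for every section."""
    report = {}
    for name, data, chars in pe_sections(image):
        report[name] = {
            "entropy": shannon_entropy(data),
            "rwx": bool(chars & IMAGE_SCN_MEM_EXECUTE) and bool(chars & IMAGE_SCN_MEM_WRITE),
        }
    return report


def suspicious_sections(image: bytes, threshold: float = ENTROPY_THRESHOLD) -> list:
    """Names of sections that look packed: high entropy or writable+executable."""
    return [n for n, r in section_report(image).items()
            if r["entropy"] > threshold or r["rwx"]]


def build_sample_pe(sections) -> bytes:
    """Constructed fixture: a minimal, non-runnable PE32 image with the given
    [(name, data, characteristics)] sections. Only the headers read above are filled."""
    opt_size = 0xE0  # SizeOfOptionalHeader for PE32
    nsect = len(sections)
    headers_end = 0x40 + 4 + 20 + opt_size + 40 * nsect
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, nsect, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    table, body, rawptr, vaddr = bytearray(), bytearray(), headers_end, 0x1000
    for name, data, chars in sections:
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), len(data), vaddr,
                             len(data), rawptr, 0, 0, 0, 0, chars)
        body += data
        rawptr += len(data)
        vaddr += -(-len(data) // 0x1000) * 0x1000
    return bytes(dos + b"PE\0\0" + coff + opt + table + body)


def keystream(seed: bytes, length: int) -> bytes:
    """Deterministic high-entropy filler (SHA-256 in counter mode) standing in for
    an encrypted payload; constructed test data, not a real cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "little")).digest()
        counter += 1
    return bytes(out[:length])


def sample_image() -> bytes:
    """Constructed image: a low-entropy code stub plus a high-entropy RWX payload section."""
    stub = b"\x55\x8b\xec\x90" * 1024  # four equiprobable bytes: entropy exactly 2.0
    payload = keystream(b"constructed-sample", 4096)
    return build_sample_pe([
        (b".text", stub, 0x60000020),        # code | execute | read
        (b".payload", payload, 0xE0000040),  # initialized data | execute | read | write
    ])


if __name__ == "__main__":
    img = sample_image()
    for name, r in section_report(img).items():
        print(f"{name:<9} entropy={r['entropy']:.3f} rwx={r['rwx']}")
    print("suspicious:", suspicious_sections(img))
```

High entropy is a triage signal, not a verdict: legitimately compressed resources, embedded certificates and many installers also score near 8.0, while a packer that pads its payload with low-entropy filler will score under the threshold. Treat a hit as a reason to detonate the sample or watch its runtime behaviour (self-modifying RWX memory, a decrypted child image) rather than as grounds to block on its own.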
  • Russian Hackers Hide Malware in Linux VMs Using Hyper-V

    The Russian cyber-espionage group Curly COMrades uses Microsoft's Hyper-V to hide malware in concealed Linux virtual machines, evading standard security measures and targeting entities aligned with Russian interests. Attackers deploy a minimal Alpine Linux VM hosting custom tools like CurlyShell ...

  • Microsoft Fixes 3 Actively Exploited Zero-Day Vulnerabilities

    Microsoft patched three actively exploited zero-day vulnerabilities in its October 2025 Patch Tuesday, including flaws in a pre-installed modem driver, Windows Remote Access Connection Manager, and IGEL OS, requiring immediate updates. The vulnerabilities enable attackers to escalate privileges t...

  • State Hackers Exploit Most Software Vulnerabilities

    State-sponsored hackers were responsible for over half of all attributed software vulnerability exploits in the first half of 2025, primarily targeting critical infrastructure and enterprise systems for espionage rather than financial gain. Chinese state-linked groups dominated these activities, ...

  • Akira Ransomware: 4 Hours from VPN Login to Total Encryption

    Akira ransomware attacks can achieve full network encryption in as little as four hours after initial VPN access, leaving organizations with a very narrow window for detection and response. Attackers exploit stolen SonicWall VPN credentials and bypass multi-factor authentication to systematically...
