"Attackers Deploying Red Teaming Tool for EDR Evasion"
Researchers at Trend Micro have discovered that threat actors are using the open-source "EDRSilencer" tool to evade Endpoint Detection and Response (EDR) systems. According to the researchers, the tool, which was designed for red teaming, is being used to "silence" EDR solutions. It relies on the Windows Filtering Platform (WFP), which enables the creation of custom rules for monitoring, blocking, and modifying network traffic. This article continues to discuss the use of the EDRSilencer tool by threat actors.
Help Net Security reports "Attackers Deploying Red Teaming Tool for EDR Evasion"
Submitted by Gregory Rigby (grigby1)