An initial access broker tracked as Storm-0249 is abusing
endpoint detection and response solutions and trusted
Microsoft Windows utilities to load malware, establish
communication, and persistence in preparation for ransomware
attacks. [...]
Ransomware IAB abuses EDR for stealthy malware execution
Pensée du jour :
Ce que l'homme a fait ,
l'homme peut le défaire.
"No secure path in the world"
