MEDUSA Ransomware Using Malicious ABYSSWORKER Driver to Disable EDR

The MEDUSA ransomware operation has been observed leveraging a sophisticated malicious driver called ABYSSWORKER to disable endpoint detection and response (EDR) systems. With EDR disabled, the ransomware can operate undetected, significantly increasing the threat to organizations’ security infrastructure. The ABYSSWORKER driver is deployed alongside a HEARTCRYPT-packed loader as part of the MEDUSA ransomware attack chain. […]

The post MEDUSA Ransomware Using Malicious ABYSSWORKER Driver to Disable EDR appeared first on Cyber Security News.

This article has been indexed from Cyber Security News