Weakness in EDR Tools Lets Attackers Push Malware Past Them

A technique called hooking used by most endpoint detection and response products to monitor running processes can be abused, new research shows.

A fundamental weakness in the way almost all endpoint detection and response (EDR) systems work gives attackers an opening to sneak malware past them. Fixing the issue is not going to be easy, requiring a substantial overhaul of most current EDR systems on the market, Optiv said in a report this week.

Link: Weakness in EDR Tools Lets Attackers Push Malware Past Them
via http://www.darkreading.com
