This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FIN7 & AuKill

There has been some reporting that cybercrime collective known as FIN7 that is used to undermine EDR tools. From DarkReading:

AuKill," developed by the notorious FIN7 cybercrime collective (aka Carbanak, Carbon Spider, Cobalt Group, Navigator Group), is a program specifically designed to undermine endpoint security. It employs more than 10 different user and kernel mode techniques to that end, like sandboxing protected processes and leveraging fundamental Windows APIs like Restart Manager and Service Control Manager.


I'm guessing that Sophos has already addressed this, just curious as to the status of it.



This thread was automatically locked due to age.
Parents Reply Children
No Data