EDR killer

RSS

Inside Shanya, a packer-as-a-service fueling modern attacks

Threat Research

EDR killer

featured

packer

Ransomware

shanya

SophosLabs

Inside Shanya, a packer-as-a-service fueling modern attacks

December 6, 2025

A person, face obscured, behind a sheet of yellow paper. A torn gap in the paper shows the person putting both hands to their ear as though trying to hear something.

Threat Research

avkiller

EDR killer

featured

heartcrypt

RansomHub

Sophos X-Ops

Shared secret: EDR killer in the kill chain

August 6, 2025

An EDR killer Sophos X-Ops has tracked for three years continues to bedevil organizations targeted by ransomware gangs.

Threat Research

BlackCat

BURNTCIGAR

Cuba

EDR

EDR killer

kernel driver

leaked certificate

Lockbit

Medusa

PoorTry

RansomHub

Ransomware

signature

signed driver

StoneStop

Attack tool update impairs Windows computers

August 27, 2024

Un hombre con uniforme de policía bloquea la entrada a un edificio acristalado con los brazos en alto. Los atacantes de ransomware introducen un nuevo asesino EDR en su arsenal. Sophos descubre el uso de EDRKillShifter por los atacantes del ransomware RansomHub. Por Andreas Klopsch. Fuente de la imagen: Shutterstock

Threat Research

BYOVD

EDR

EDR killer

EDRKillShifter

featured

Ransomware

Ransomware attackers introduce new EDR killer to their arsenal

August 14, 2024

Threat Research

act

active adversary

anti-EDR

AuKill

backstab

EDR

EDR killer

featured

malware

Process Explorer

procexp

Sophos X-Ops

targeted attacks

‘AuKill’ EDR killer malware abuses Process Explorer driver

April 19, 2023