-
Ransomware IAB abuses EDR for stealthy malware execution
An initial access broker tracked as Storm-0249 is abusing endpoint detection and response solutions and trusted Microsoft Windows utilities to load malware, establish communication, and persistence in preparation for ransomware attacks.
- December 09, 2025
- 10:24 AM
0
-
CISA warns of Lanscope Endpoint Manager flaw exploited in attacks
The Cybersecurity & Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in the Motex Landscope Endpoint Manager.
- October 23, 2025
- 12:24 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
New EDR-Freeze tool uses Windows WER to suspend security software
A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft's Windows Error Reporting (WER) system.
- September 22, 2025
- 01:07 PM
- 2
-
AvosLocker ransomware reboots in Safe Mode to bypass security tools
Recent AvosLocker ransomware attacks are characterized by a focus on disabling endpoint security solutions that stand in the way of threat actors.
- December 23, 2021
- 12:47 PM
- 0
-
Microsoft Defender ATP adds vulnerable Windows device tracking
The Microsoft Defender Advanced Threat Protection (ATP) endpoint security platform now provides users with a new report designed to help them keep track of vulnerable Windows and macOS devices within their organization's environment.
- October 28, 2020
- 04:11 PM
- 0
-
Microsoft Defender ATP Gets Advanced Hunting Capabilities, More
Microsoft announced today that several new Threat & Vulnerability Management (TVM) capabilities will go into public preview for Microsoft Defender ATP customers including vulnerability Assessment (VA) support for Windows Servers, advanced hunting with vulnerability data, and automated analysis of remediation on user impact.
- November 06, 2019
- 03:00 AM
- 0
-
Bad McAfee Exploit Prevention Update Blocked Windows Logins
An update for the McAfee Endpoint Security (ENS) security software was released today that caused major headaches for system administrators all over the world as it prevented users from being able to login to their computers.
- July 10, 2019
- 05:46 PM
- 2
