Information security
fromTechzine Global
4 weeks agoNovel attack technique freezes endpoint security via Windows function
EDR-Freeze leverages WerFaultSecure and MiniDumpWriteDump race conditions to suspend EDR processes from user mode, effectively disabling endpoint security without exploiting vulnerabilities.