EDR killer tool uses signed kernel driver from forensic software
From BleepingComputer to All on Wed Feb 4 10:10:24 2026
Hackers are abusingĀ a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in attempts to deactivate them. [...]