New "Bring Your Own Installer" EDR bypass used in ransomware attack
From BleepingComputer to All on Mon May 5 16:57:13 2025
A new "Bring Your Own Installer" EDR bypass technique is exploited in attacks to bypass SentinelOne's tamper protection feature, allowing threat actors to disable endpoint detection and response (EDR) agents to install the Babuk ransomware. [...]