New ‘BlackSanta’ EDR killer spotted targeting HR departments

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.
SecurityWeek

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration. An ongoing campaign, ...
GovInfoSecurity

Russia's Unit 26165 Resumes High-End Malware Campaigns

The long-running Russian military hacking group tracked as Fancy Bear and APT28 has been wielding a new, "high-end custom arsenal" of custom ...