Tag: EDR tampering
Cybersecurity Threat Advisory: BYOI endpoint detection and response bypass
Cybersecurity Threat Advisory: BYOI endpoint detection and response bypass
A sophisticated attack technique known as “Bring Your Own Installer” (BYOI) has been employed by threat actors to bypass SentinelOne’s tamper protection, facilitating the deployment of Babuk ransomware. This method leverages legitimate installers to execute malicious payloads, effectively evading endpoint...
