Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

Curly COMrades threat actors exploit Windows Hyper-V to hide Linux VMs, evade EDR tools, and deploy custom malware undetected. Bitdefender researchers, aided by Georgia’s CERT, uncovered that Curly COMrades, a group linked to Russian interests, abused Windows Hyper-V to gain covert, long-term access to victims. Threat actors created hidden Alpine Linux VMs (120MB/256MB) hosting custom […]

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

itsecuritynews.info - 06/Nov 08:06

The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute...

Russian spies pack custom malware into hidden VMs on Windows machines

itsecuritynews.info - 04/Nov 19:08

Curly COMrades strike again Russia’s Curly COMrades is abusing Microsoft’s Hyper-V hypervisor in compromised Windows machines to create a hidden...

Russian spies pack custom malware into hidden VMs on Windows machines

itsecuritynews.info - 04/Nov 19:08

Curly COMrades strike again Russia’s Curly COMrades is abusing Microsoft’s Hyper-V hypervisor in compromised Windows machines to create a hidden...

Russian hackers abuse Hyper-V to hide malware in Linux VMs

bleepingcomputer.com - 04/Nov 14:00

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a...

Russian hackers abuse Hyper-V to hide malware in Linux VMs

bleepingcomputer.com - 04/Nov 14:00

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a...

Hackers use Hyper-V, Cisco UCCX flaw, The Louvre’s password

itsecuritynews.info - 07/Nov 08:34

Hackers use Windows Hyper-V to evade EDR detection Critical Cisco UCCX flaw lets attackers run commands as root The Louvre’s video security password...

Hackers use Hyper-V, Cisco UCCX flaw, The Louvre’s password

itsecuritynews.info - 07/Nov 08:34

Hackers use Windows Hyper-V to evade EDR detection Critical Cisco UCCX flaw lets attackers run commands as root The Louvre’s video security password...

Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD

securityaffairs.co - 27/Oct 10:45

Qilin ransomware group used Linux binaries on Windows to evade EDRs, steal backups, and disable defenses via BYOVD attacks. Trend Research found that...

New EDR-Redir V2 Blinds Windows Defender on Windows 11 With Fake Program Files

itsecuritynews.info - 02/Nov 07:09

An upgraded release of tool EDR-Redir V2, designed to evade Endpoint Detection and Response (EDR) systems by exploiting Windows bind link technology...

New EDR-Redir V2 Blinds Windows Defender on Windows 11 With Fake Program Files

itsecuritynews.info - 02/Nov 07:09

An upgraded release of tool EDR-Redir V2, designed to evade Endpoint Detection and Response (EDR) systems by exploiting Windows bind link technology...

Rubriques :

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

Articles similaires

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

Russian spies pack custom malware into hidden VMs on Windows machines

Russian spies pack custom malware into hidden VMs on Windows machines

Russian hackers abuse Hyper-V to hide malware in Linux VMs

Russian hackers abuse Hyper-V to hide malware in Linux VMs

Hackers use Hyper-V, Cisco UCCX flaw, The Louvre’s password

Hackers use Hyper-V, Cisco UCCX flaw, The Louvre’s password

Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD

New EDR-Redir V2 Blinds Windows Defender on Windows 11 With Fake Program Files

New EDR-Redir V2 Blinds Windows Defender on Windows 11 With Fake Program Files

Les derniers communiqués