New GhostTree Attack Causes EDR Tools to Hang, Leaving Files Unscanned
Source: Gbhackers
Published:
<p>A newly disclosed attack technique dubbed “GhostTree” is raising concerns among defenders after researchers demonstrated how it can disrupt endpoint detection and response (EDR) tools and bypass file scanning mechanisms on Windows systems. The technique, discovered by Varonis Threat Labs, abuses