Ransomware Identifying Ransomware’s Stealthy Boot Configuration Edits

MuzzMelbourne

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
The research by Binary Defense entails the various threat hunting techniques and detections for a regularly reported Ransomware-as-a-Service (RaaS) methodology. Using the built-in Windows programme bcdedit.exe (Boot Configuration Data Edit), threat actors have been spotted changing boot loader configurations to:
  • Modify Boot Status Policies
  • Disable Recovery Mode
  • Enable Safe Mode
Click to expand...

www.cysecurity.news

Identifying Ransomware’s Stealthy Boot Configuration Edits

Threat actors have been spotted changing boot loader configurations, read on to know more.
www.cysecurity.news www.cysecurity.news
 
  • Like
Reactions: Destroyinu, Trooper, Zartarra and 7 others

Similar threads

Trident
    • Like
    • +Reputation
    • Hundred Points
Serious Discussion Harmony Endpoint by Check Point
Replies
677
Views
45,167
Other security for Windows, Mac, Linux
Sandbox Breaker
Sandbox Breaker
Bot
    • Like
Force firmware code to be measured and attested by Secure Launch on Windows 10
Replies
1
Views
1,964
Microsoft Defender
SpiderWeb
SpiderWeb
Bot
    • Like
  • Locked
Attack inception: Compromised supply chain within a supply chain poses new risks
Replies
1
Views
1,486
Microsoft Defender
shmu26
shmu26

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top