Shared secret: EDR killer in the kill chain – Sophos News

Ransomware groups are increasingly using sophisticated tools to disable endpoint security solutions, enabling undetected operations. These tools, often developed by ransomware groups or purchased from underground marketplaces, are obfuscated using packer-as-a-service offerings. Evidence suggests tool sharing and technical knowledge transfer among competing ransomware groups, utilizing different builds of the same proprietary tool.