Cybercriminals are now weaponizing Windows Defender Application Control (WDAC) policies to disable Endpoint Detection and Response (EDR) agents en masse. What began as a proof-of-concept research release in December 2024 has quickly evolved into an active threat, with multiple malware families adopting WDAC policy abuse to evade detection and block security tools entirely. The original […]

The post Hackers Exploit Windows Defender Policies to Shut Down EDR Agents appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/hackers-exploit-windows-defender-policies/