CrowdStrike has shared details on the Spyboy Terminator EDR killer. CrowdStrike is one of the EDRs, alongside the likes of Microsoft Defender, Avast, and more, that the evasion tool can disable.
Driver malware
Microsoft Defender now has a new feature that will protect Windows 11, Windows 10, and Windows Server devices from malicious drivers. The feature is termed "Microsoft Vulnerable Driver Blocklist".
Bitdefender detected a WHQL-certified driver called "FiveSys" that was, in reality, a malicious rootkit. After learning about it, Microsoft has since removed the driver's signature.