

EDR-Freeze, DeepMind persuasion, vendors exit ATT&CK
Sep 23, 2025
Explore the new EDR-Freeze tool that suspends EDR and antivirus processes. Discover DeepMind's latest persuasion risk category and the surprising exits of major vendors from the MITRE ATT&CK Evaluations. Learn about fake GitHub repositories delivering malware and the implications of misinformation campaigns. The podcast also touches on critical patches and data exposure incidents sure to raise eyebrows. Tune in for insights that could change how you view cybersecurity risks!
AI Snips
EDR Suspension Via OS Crash-Dump
- EDR-Freeze abuses the Windows crash-dump mechanism (WerFaultSecure.exe) to put security processes into a suspended state and leave them there.
- This technique shows that a built-in OS feature can be repurposed to neutralize endpoint defenses without code injection or a kernel driver.
DeepMind Flags Persuasion Risk
- DeepMind added a persuasion risk category to its frontier-model safety framework, covering models that can manipulate people's beliefs and behaviors at scale.
- This recognizes systemic manipulation as a distinct high-stakes risk that needs dedicated mitigations rather than being folded into other categories.
Map Dump Handlers To Spot Abuse
- Monitor and map OS crash-dump handlers such as WerFaultSecure.exe (which process launched them, and which target PID they were pointed at) to detect abuse of the dump APIs.
- Use tooling such as Stephen Lim's mapping to quickly find Defender processes that have been left suspended and bring them back.
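The detection idea in the snip above, worked into runnable code. This is an added example written for this page; it is not code from the podcast, from the EDR-Freeze author, or from the mapping tool mentioned. It walks process-creation telemetry (Sysmon Event ID 1 style, constructed inline) and flags a WerFaultSecure.exe launch when its parent is not the Windows Error Reporting service host or when the PID it was handed belongs to a security process. The protected-image list, the expected-parent list, the event field names, and the `-pid` argument spelling are assumptions to adjust to your own telemetry.

```python
import re
from dataclasses import dataclass, field

# Constructed example, not code from the podcast or the EDR-Freeze project.
# Images whose suspension would blind the endpoint (assumption: extend for your EDR stack).
PROTECTED_IMAGES = {"msmpeng.exe", "mssense.exe", "sensecncproxy.exe"}
# Parents that normally launch WerFaultSecure.exe (assumption: the WER service host).
EXPECTED_PARENTS = {"svchost.exe", "wersvc.exe"}
# WerFaultSecure is handed its target by PID on the command line; the "-pid"/"/pid"
# spelling matched here is an assumption, adjust to what your telemetry records.
PID_ARG = re.compile(r"(?:^|\s)[-/]pid\s+(\d+)", re.IGNORECASE)


@dataclass
class Finding:
    pid: int                      # PID of the suspicious WerFaultSecure.exe instance
    reasons: list[str] = field(default_factory=list)


def image_name(path: str) -> str:
    """Lower-cased file name of an image path, tolerant of both path separators."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def analyze(events: list[dict]) -> list[Finding]:
    """Walk process-creation events in order and flag suspicious WerFaultSecure launches.

    Each event needs: pid, image, parent_image, command_line. The pid->image map is
    built from earlier events, mirroring how a SIEM would join on ProcessId.
    """
    pid_to_image: dict[int, str] = {}
    findings: list[Finding] = []
    for ev in events:
        image = image_name(ev["image"])
        pid_to_image[ev["pid"]] = image
        if image != "werfaultsecure.exe":
            continue
        reasons: list[str] = []
        parent = image_name(ev["parent_image"])
        if parent not in EXPECTED_PARENTS:
            reasons.append(f"unexpected parent {parent}")
        m = PID_ARG.search(ev["command_line"])
        if m:
            target = pid_to_image.get(int(m.group(1)), "<unknown>")
            if target in PROTECTED_IMAGES:
                reasons.append(f"dump target is security process {target} (pid {m.group(1)})")
        if reasons:
            findings.append(Finding(ev["pid"], reasons))
    return findings


# Constructed sample telemetry, not real logs.
SAMPLE_EVENTS = [
    {"pid": 4321, "image": r"C:\ProgramData\Microsoft\Windows Defender\Platform\4.18\MsMpEng.exe",
     "parent_image": r"C:\Windows\System32\services.exe", "command_line": "MsMpEng.exe"},
    {"pid": 7777, "image": r"C:\Windows\System32\notepad.exe",
     "parent_image": r"C:\Windows\explorer.exe", "command_line": "notepad.exe"},
    # Legitimate WER flow: the service host launches WerFaultSecure for a crashed notepad.
    {"pid": 5000, "image": r"C:\Windows\System32\WerFaultSecure.exe",
     "parent_image": r"C:\Windows\System32\svchost.exe",
     "command_line": "WerFaultSecure.exe -h -pid 7777 -tid 7780"},
    # EDR-Freeze-style abuse: a user-downloaded tool points WerFaultSecure at Defender.
    {"pid": 5100, "image": r"C:\Windows\System32\WerFaultSecure.exe",
     "parent_image": r"C:\Users\bob\Downloads\freeze.exe",
     "command_line": "WerFaultSecure.exe -h -pid 4321 -tid 4330"},
]

if __name__ == "__main__":
    for f in analyze(SAMPLE_EVENTS):
        print(f"pid {f.pid}: " + "; ".join(f.reasons))
```

The parent check alone is noisy on hosts where crash handling is customized, and the target check alone misses a dump aimed at a process you did not list, so the two are combined and each finding carries the reasons that fired. A follow-on response step, not shown here, is to enumerate the flagged target's threads and resume any that are suspended.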