endpoint-security
2 posts
Article
RedSun turned Defender into a write primitive
RedSun turned Windows Defender's remediation path into a SYSTEM-level write primitive. The mechanism, the class, and what it exposes.
Article
Paying the ransom buys nothing here.
A ransomware build that destroys files is a wiper. The defensive failure is execution authority over data, not cryptography.