MDR Insights
EDR Vulnerabilities
A recent vulnerability known as Aikido demonstrated how some EDR technologies could be used as data wipers on the hosts where they are installed. Yair, a security researcher at SafeBreach, released the proof-of-concept at 2022’s Black Hat conference, showing how unprivileged user access could manipulate an EDR sensor into wiping files on the system. Bitdefender was one of the tested solutions and was not found vulnerable to this attack. However, because EDR sensors have become a widely accepted security technology, every host now has a single technology that could be used or avoided in an attack. Additional capabilities of EDR sensors, like remote shell access, isolation capabilities, or even preventative capabilities, would be highly sought after by attackers looking to use native tools.

Article Link: Bitdefender Threat Debrief | December 2022