New Zloader attacks disable Windows Defender to evade detection

One of the active defence components I work with monitors for activity that attempts to disable endpoint security, a kind of “Quis custodiet ipsos custodes?” for the 21st century. What do you do to check that your expensive EDR is actually working?

An ongoing Zloader campaign uses a new infection chain to disable Microsoft Defender Antivirus (formerly Windows Defender) on victims’ computers to evade detection. […]

Original Article
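A sketch of the kind of check described above, added here as an example and not taken from the original post or the linked article: it reviews Microsoft Defender Antivirus operational-log events for protection being switched off, and also flags hosts that have gone quiet. The event IDs are Defender's documented ones; the host names, inventory, six-hour silence window and sample events are constructed assumptions.

```python
from datetime import datetime, timedelta

# Microsoft Defender Antivirus operational-log event IDs that report protection going off.
TAMPER_IDS = {
    5001: "real-time protection disabled",
    5010: "antispyware scanning disabled",
    5012: "antivirus scanning disabled",
    5013: "tamper protection blocked a settings change",
}
CONFIG_CHANGE_ID = 5007  # configuration changed; only some settings matter
SENSITIVE_SETTINGS = ("DisableRealtimeMonitoring", "DisableAntiSpyware", "Exclusions")
MAX_SILENCE = timedelta(hours=6)  # assumed reporting window, tune per fleet

def review(events, inventory, now):
    """Return (host, reason) findings for tamper events and for silent hosts."""
    findings, last_seen = [], {}
    for ts, host, event_id, message in events:
        seen = datetime.fromisoformat(ts)
        last_seen[host] = max(seen, last_seen.get(host, seen))
        if event_id in TAMPER_IDS:
            findings.append((host, TAMPER_IDS[event_id]))
        elif event_id == CONFIG_CHANGE_ID:
            hit = next((s for s in SENSITIVE_SETTINGS if s in message), None)
            if hit:
                findings.append((host, f"config change touching {hit}"))
    # Watching the watcher: a host that stops reporting is a finding in itself.
    for host in sorted(inventory):
        if host not in last_seen or now - last_seen[host] > MAX_SILENCE:
            findings.append((host, "no Defender telemetry within window"))
    return findings

# Constructed sample data (hypothetical hosts, timestamps and messages).
SAMPLE_NOW = datetime(2024, 1, 10, 12, 0)
SAMPLE_INVENTORY = {"ws-01", "ws-02", "ws-03", "ws-04"}
SAMPLE_EVENTS = [
    ("2024-01-10T08:00:00", "ws-01", 2000, "Security intelligence updated"),
    ("2024-01-10T02:00:00", "ws-03", 1001, "Scan finished"),
    ("2024-01-10T08:05:00", "ws-02", 5007,
     r"New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\Users\Public = 0x0"),
    ("2024-01-10T08:06:00", "ws-02", 5001, "Real-time protection is disabled"),
    ("2024-01-10T09:00:00", "ws-01", 5007,
     r"New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Reporting\SampleSetting = 0x1"),
]

if __name__ == "__main__":
    for host, reason in review(SAMPLE_EVENTS, SAMPLE_INVENTORY, SAMPLE_NOW):
        print(f"{host}: {reason}")
```

The silence check is the part that answers the "who watches the watchers" question: ws-04 never appears in the log at all, which a rule keyed only on tamper event IDs would miss.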