AuKill tool uses BYOVD attack to disable EDR software
![](https://search.ai.wiki/wp-content/uploads/2023/04/aukill-tool-uses-byovd-attack-to-disable-edr-software.png)
Ransomware operators use the AuKill tool to disable EDR software through Bring Your Own Vulnerable Driver (BYOVD) attack.
Sophos researchers reported that threat actors are using a previously undocumented defense evasion tool, dubbed AuKill, to disable endpoint detection and response …