Bitdefender flags Windows bind links that blind EDR

Bitdefender researchers have identified three Windows attack techniques using “bind links” to blind endpoint detection and response (EDR) tools. By abusing the bindflt.sys minifilter driver, attackers with local administrator access can redirect trusted file paths to malicious code, tricking security software into seeing a clean, signed file while an attack executes in the background. How … Read more