
New "Bring Your Own Installer" EDR Bypass Technique Used in Ransomware Attack
A new EDR bypass technique called "Bring Your Own Installer" has been exploited to circumvent SentinelOne's tamper protection feature, allowing malicious actors to disable endpoint detection and response (EDR) agents and install the Babuk ransomware. With the agent disabled, the defenses of the targeted system are neutralized, which facilitates the installation and execution of the ransomware.