// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRF-01DTG 0600Z
ColdRecon / Brief Archive / Week of August 14, 2023
Signal Brief · Archived

Week of August 14, 2023

2023-08-14 — 2023-08-20 · 1 PUBLIC EVENT · GENERAL / NON-PERSONALIZED

In the week of August 14, 2023, ColdRecon logged 1 public endpoint-security event from open-source reporting — 1 research poc. Vendors in the record this week: Sophos, Microsoft.

The Week's Public Record

Events

2023-08-16
research poc
AuKill EDR Killer Malware Technical AnalysisAuKill
A technical analysis of the AuKill malware, which uses a Bring Your Own Vulnerable Driver (BYOVD) technique with the PROCEXP.SYS driver to terminate protected EDR processes. The malware targets solutions like Sophos and Windows Defender, and has been used by ransomware groups including LockBit and Medusa.
Every event in this brief is a record in ColdRecon's canonical set, drawn from public open-source reporting and linked to its source. This is the general, non-personalized signal — published 7 days after the fact. The live daily brief, written for your deals, is for cleared officers.

This is last week, public. Get this morning's, written for you.

The live ColdRecon brief lands at 0600 daily — the same signal, filtered to your competitors and framed for your deals. Request clearance and tomorrow's is yours.

Request Clearance →