WastedLocker ransomware abuses Windows feature to evade detection

The WastedLocker ransomware is abusing a Windows memory management feature to evade detection by security software.

Before we get to how WastedLocker is evading detection, it is necessary to understand how anti-ransomware solutions detect ransomware.

Anti-ransomware solutions will monitor the operating system for file system calls traditionally used by ransomware when encrypting a file.

Read more…
Source: Bleeping Computer