Storm-0249 Abuses EDR Processes in Stealthy Attacks

The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in recent high-precision attacks.