Saturday, October 8, 2022

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. "The evasion technique supports disabling a whopping list of over 1,000 drivers on which security products rely to provide protection," Sophos threat researcher Andreas Klopsch said in a new technical
http://dlvr.it/SZjx10
-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-g...