-
New SteelFox malware hijacks Windows PCs using vulnerable driver
A new malicious package called 'SteelFox' mines for cryptocurrency and steals credit card data by using the "bring your own vulnerable driver" technique to get SYSTEM privileges on Windows machines.
- November 06, 2024
- 12:53 PM
0
-
Windows driver zero-day exploited by Lazarus hackers to install rootkit
The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems.
- August 19, 2024
- 11:32 PM
2
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Kasseika ransomware uses antivirus driver to kill other antiviruses
A recently uncovered ransomware operation named 'Kasseika' has joined the club of threat actors that employs Bring Your Own Vulnerable Driver (BYOVD) tactics to disable antivirus software before encrypting files.
- January 23, 2024
- 02:58 PM
- 0
-
Ransomware gangs abuse Process Explorer driver to kill security software
Threat actors use a new hacking tool dubbed AuKill to disable Endpoint Detection & Response (EDR) Software on targets' systems before deploying backdoors and ransomware in Bring Your Own Vulnerable Driver (BYOVD) attacks.
- April 19, 2023
- 01:46 PM
- 5
-
Hackers backdoor Windows devices in Sliver and BYOVD attacks
A new hacking campaign exploits Sunlogin flaws to deploy the Sliver post-exploitation toolkit and launch Windows Bring Your Own Vulnerable Driver (BYOVD) attacks to disable security software.
- February 06, 2023
- 04:00 PM
- 0
-
Scattered Spider hackers use old Intel driver to bypass security
A financially motivated threat actor tracked as Scattered Spider was observed attempting to deploy Intel Ethernet diagnostics drivers in a BYOVD (Bring Your Own Vulnerable Driver) attack to evade detection from EDR (Endpoint Detection and Response) security products.
- January 11, 2023
- 04:55 PM
- 6
