Ransomware uses vulnerable, signed driver to disable endpoint security

  • 1:46 PM, Feb 13
  • 117 Views

“Ransomware-wielding attackers have devised a novel tactic for disabling security protections that might get in their way: they are using a deprecated, vulnerable but signed driver to deliver a malicious, unsigned one that allows them to kill processes and files belonging to Windows endpoint security products.” – read more at HelpNetSecurity!

Sign up for the Newsletter!

Read privacy statement here

Latest Posts

Categories

Tags