Ransomware uses vulnerable, signed driver to disable endpoint security

  • 1:46 PM, Feb 13
  • 6 Views

“Ransomware-wielding attackers have devised a novel tactic for disabling security protections that might get in their way: they are using a deprecated, vulnerable but signed driver to deliver a malicious, unsigned one that allows them to kill processes and files belonging to Windows endpoint security products.” – read more at HelpNetSecurity!

Latest Posts

Categories

Tags