Ransomware uses vulnerable, signed driver to disable endpoint security
![](https://www.openvirtualization.pro/wp-content/uploads/2019/07/helpnetsecurity-699x454.png)
“Ransomware-wielding attackers have devised a novel tactic for disabling security protections that might get in their way: they are using a deprecated, vulnerable but signed driver to deliver a malicious, unsigned one that allows them to kill processes and files belonging to Windows endpoint security products.” – read more at HelpNetSecurity!