Ransomware uses vulnerable, signed driver to disable endpoint security

10 February 2020

Ransomware-wielding attackers have devised a novel tactic for disabling security protections that might get in their way: they are using a deprecated, vulnerable but signed driver to deliver a malicious, unsigned one that allows them to kill processes and files belonging to Windows endpoint security products.

Read full article on Help Net Security

Date:

10 February 2020

Categorie(s):

NEWS

Tag(s):

Code Signing, Cybercrime, Endpoint Security, Security Pro, Sophos

How To Properly Secure SAP Fiori 12 May 2024
Hackers Moving To AI But Lacking Behind The Defenders In Adoption Rates12 May 2024
Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast12 May 2024
Critical infrastructure security will stay poor unless everyone pulls together11 May 2024
RSA Conference 2024 goes beyond AI-powered security to securing AI itself11 May 2024