Bleeping Computer

Malicious Windows kernel drivers used in BlackCat ransomware attacks

The ALPHV ransomware group (aka BlackCat) was observed employing signed malicious Windows kernel drivers to evade detection by security software during attacks. The driver seen by Trend Micro is an ...
Bleeping Computer

Hackers exploit Windows policy to load malicious kernel drivers

Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy ...
Threat Post

BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver

The RobbinHood ransomware is using a deprecated Gigabyte driver as the tip of the spear for taking out antivirus products. The operators behind the RobbinHood ransomware are using a vulnerable, legacy ...