SEARCH
Archive
RedDriver Abuses Windows Driver Policy Loophole
An undocumented malicious driver called RedDriver uses an open-source tool to forge signature timestamps, as a way to bypass Microsoft’s Windows driver signature enforcement policies.
BlackCat Ransomware Actors Use Malicious Drivers to Evade Detection
Researchers said that malicious Windows kernel drivers will continue to be used by sophisticated groups that have the skills and resources needed to develop such tools.
Lazarus Group Exploited Dell Driver Flaw to Disable Windows Monitoring Features
Researchers said the Lazarus Group attacks were the first recorded abuse of the known Dell driver flaw (CVE-2021-21551) in the wild.
Microsoft Fixes Known, Exploited Flaw in Windows Diagnostic Tool
The flaw was first reported to Microsoft in 2019, but at the time it said it did not consider the issue to be a vulnerability.
Revamped Anchor Malware Targets Windows Systems
Researchers believe that attackers behind the Anchor malware, the Trickbot gang, have ceased Trickbot operations are instead focusing on deploying stealthier versions of other malware families.