In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. “The evasion technique supports disabling a whopping list of over 1,000 drivers on which security products rely to provide protection,” Sophos threat researcher Andreas […]
Posts Tagged ‘Windows Vulnerability’
The vulnerability in question is CVE-2022-26925, which Microsoft describes as a Windows LSA spoofing vulnerability. The issue was addressed with the May 2022 Patch Tuesday updates and Microsoft warned at the time that the vulnerability has been publicly disclosed and exploited in attacks. “An unauthenticated attacker could call a method on the LSARPC interface and […]
The security hole, tracked as CVE-2022-22718, was fixed by Microsoft with its February 2022 Patch Tuesday updates. It was one of the four Print Spooler issues addressed at the time. According to Microsoft, CVE-2022-22718 can be exploited by a local attacker to escalate privileges, without the need for any user interaction. CISA on Tuesday added […]
SATURDAY, APRIL 20, 2024
WHITE PAPERS
Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...
ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...
Latest Comments