BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

07

Oct

2022

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

image credit: unsplash

In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions.

“The evasion technique supports disabling a whopping list of over 1,000 drivers on which security products rely to provide protection,” Sophos threat researcher Andreas Klopsch said in a new technical write-up.

Archives

Archives

About Us

Our mission is to help users and also IT security passionate to reach relevant information related to cyber security.

This publication contains a lot of information and guidance on how to better protect your IT systems, data and activities from malicious factors, and also on how to safely navigate the Internet.

We look forward to hearing from you about cyber safety. Please let us know if there’s something specific you’re interested in learning about.

Contact Us

Name *
Your name is required

E-mail *
Email address entered is invalid

Please enter a message

Incorrect security code

The Latest in IT Security

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

Categories

Featured

Archives

Latest Comments

About Us

Contact Us