Bleeping Computer

New Windows Driver Signature bypass allows kernel rootkit installs

Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. This is possible by taking control of ...
CSOonline

Cybercriminals bypass Windows security with driver-vulnerability exploit

CrowdStrike says cybercrime gang Scattered Spider has exploited longtime Windows security issues to use bring-your-own-vulnerable-driver (BYOVD) techniques against its own and other endpoint tools.
Infosecurity-magazine.com

Lazarus Group Exploits Dell Driver Vulnerability to Bypass Windows Security

The North Korea–backed threat actor known as Lazarus Group has been observed deploying a Windows rootkit by exploiting a Dell firmware driver. The campaign, which shows the hacker group’s ...
Bleeping Computer

Scattered Spider hackers use old Intel driver to bypass security

A financially motivated threat actor tracked as Scattered Spider was observed attempting to deploy Intel Ethernet diagnostics drivers in a BYOVD (Bring Your Own Vulnerable Driver) attack to evade ...