Bleeping Computer

New Windows Driver Signature bypass allows kernel rootkit installs

Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. This is possible by taking control of ...
CSOonline

Cybercriminals bypass Windows security with driver-vulnerability exploit

CrowdStrike says cybercrime gang Scattered Spider has exploited longtime Windows security issues to use bring-your-own-vulnerable-driver (BYOVD) techniques against its own and other endpoint tools.