BYOVD attack

BigTech Companies

Forensic Tool’s Signed Driver Exploited as EDR Killer

Hackers exploited a revoked but still functional kernel driver from the EnCase forensic tool to disable endpoint security software, highlighting…

Business

DeadLock Ransomware Evades Security with BYOVD Attack

The DeadLock ransomware campaign uses a BYOVD technique, exploiting a known vulnerability (CVE-2024-51324) in a Baidu Antivirus driver to disable…

Cybersecurity

8 Ransomware Groups Now Using This EDR-Bypassing Tool

A new advanced tool is being used by multiple ransomware groups to bypass endpoint security by exploiting vulnerable drivers and…

BigTech Companies

Akira Ransomware Exploits CPU Tool to Bypass Microsoft Defender

A ransomware campaign exploits Intel's ThrottleStop driver (rwdrv.sys) to disable Microsoft Defender via BYOVD attacks, deploying a malicious driver (hlpdrv.sys)…
