Topic: vpn compromise
-
Decade-Old EnCase Driver Still Defeats Modern EDR
A new malware strain can disable modern EDR solutions by exploiting an outdated, revoked-but-still-loadable kernel driver from old EnCase forensics software. The attack uses a BYOVD technique, where the legitimate driver, once loaded, allows user-mode processes to kill critical security processes...
-
Forensic Tool's Signed Driver Exploited as EDR Killer
Hackers exploited a revoked but still functional kernel driver from the EnCase forensic tool to disable endpoint security software, highlighting the threat of Bring Your Own Vulnerable Driver (BYOVD) attacks. The attackers initially breached the network via a SonicWall VPN lacking multi-factor au...
-
State-Sponsored Hackers Breached SonicWall in September
State-sponsored hackers breached SonicWall's cloud environment in September, accessing firewall configuration backup files via an API call, but no products, firmware, or customer networks were compromised. The exposed backup files contained sensitive credentials, prompting SonicWall to advise aff...