Lucene search
K

10 matches found

HackRead
HackRead
added 2025/03/21 5:35 p.m.9 views

Checkpoint ZoneAlarm Driver Flaw Exposes Users to Credential Theft

Credential theft alert! Venak Security discovers a BYOVD attack using .SYS drivers to bypass Windows security. Learn how…...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/13 12:27 a.m.6 views

CVE-2024-51324

An issue in the BdApiUtil driver of Baidu Antivirus v5.2.3.116083 allows attackers to terminate arbitrary process via executing a BYOVD Bring Your Own Vulnerable Driver attack...

3.8CVSS6.9AI score0.00472EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2024/01/24 11:20 a.m.49 views

Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption

The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver BYOVD attack to disarm security-related processes on compromised Windows hosts, joining the likes of other groups like Akira, AvosLocker, BlackByte, and RobbinHood. The tactic allows...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/02 8:59 a.m.124 views

Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover

As many as 34 unique vulnerable Windows Driver Model WDM and Windows Driver Frameworks WDF drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attacker without privilege...

7.8CVSS8AI score0.0046EPSS
Exploits1
The Hacker News
The Hacker News
added 2023/07/03 4:46 a.m.19 views

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. "Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations," Tre...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/03 1:27 p.m.2 views

Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics

A Chinese state-sponsored hacking outfit has resurfaced with a new campaign targeting government, healthcare, technology, and manufacturing entities based in Taiwan, Thailand, the Philippines, and Fiji after more than six months of no activity. Trend Micro attributed the intrusion set to a cyber...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/03 1:27 p.m.44 views

Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics

A Chinese state-sponsored hacking outfit has resurfaced with a new campaign targeting government, healthcare, technology, and manufacturing entities based in Taiwan, Thailand, the Philippines, and Fiji after more than six months of no activity. Trend Micro attributed the intrusion set to a cyber...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/08 10:34 a.m.42 views

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's wide...

Exploits0
The Hacker News
The Hacker News
added 2022/10/07 6:52 a.m.333 views

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

In yet another case of bring your own vulnerable driver BYOVD attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. "The evasion technique supports disabling a whopping list of over 1,000 drivers on which security...

7.8CVSS8.5AI score0.18188EPSS
Exploits8
The Hacker News
The Hacker News
added 2022/10/03 10:56 a.m.276 views

Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers

The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver, highlighting new tactics adopted by the state-sponsored adversary. The Bring Your Own Vulnerable Driver BYOVD attack, which took place in the autumn of...

8.8CVSS0.3AI score0.58132EPSS
Exploits17
Rows per page
Query Builder