A sophisticated campaign has weaponized over 2,500 variants of a legitimate security driver to disable endpoint protection before deploying ransomware and remote access trojans. Attackers are abusing truesight.sys, a kernel-mode driver from Adlice Software’s RogueKiller antivirus suite. The legacy version 2.0.2 contains a critical vulnerability allowing arbitrary process termination via IOCTL command 0x22E044. This enables […]
The post Hackers Weaponize 2,500+ Security Tools to Disable Endpoint Defenses Before Ransomware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: