Attackers Weaponizing Trusted Windows Drivers to Kill AV and EDR Processes

Attackers are increasingly abusing trusted Windows drivers to turn off antivirus (AV) and endpoint detection and response (EDR) tools, using a technique known as Bring Your Own Vulnerable Driver (BYOVD). Once considered niche, BYOVD has rapidly become a standard component of modern ransomware campaigns, enabling threat actors to operate at the highest privilege level in […]

The post Attackers Weaponizing Trusted Windows Drivers to Kill AV and EDR Processes appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: