The BlackByte ransomware group is actively exploiting a vulnerability in RTCore32.sys and RTCore64.sys, the drivers of a widely used graphic card utility called Micro-Star MSI AfterBurner (version 4.6.2.15658). Recorded as CVE-2019-16098, the flaw allows any authenticated user to read and write to arbitrary memory, I/O ports and MSR control registers. Cybercriminals can abuse it to […]
The post Ransomware Group Uses Vulnerability to Bypass EDR Products appeared first on eSecurityPlanet.
This article has been indexed from eSecurityPlanet
Read the original article: