Article may be outdated

This article is 8 days old. Some details may have changed since publication.

Infosecurity Magazine·3 min read·medium

New Ransomware Exploits Malicious Driver to Remove Security Protection

D
Danny Palmer
New Ransomware Exploits Malicious Driver to Remove Security Protection
AI Summary

A ransomware family known as Hyadina is using malicious, Microsoft-signed drivers to disable security software on infected endpoints. The attackers gain initial access through compromised accounts before deploying tools to steal credentials and encrypt data.

The latest incarnation of a family of ransomware which has been hitting organizations since 2022 has evolved to exploit Microsoft-signed malicious drivers to prevent endpoint defenses from detecting and disrupting its attacks.

Continue reading on Headlinne

Create a free account to read the full article.

Read full article →
technologybusiness

Get the full story

Sign up for Headlinne to unlock AI insights, political bias analysis, and your personalized news feed.

Create free account

Already have an account? Sign in