21 Dec Security Stop-Press : Signed Malicious Windows Drivers Used In Ransomware Attacks
It’s been reported that kernel-mode hardware drivers that have been certified (signed) by Microsoft's Windows Hardware Developer Program have been used maliciously in post-exploitation cyber attacks, i.e. where the attacker had already gained administrative privileges on compromised systems. The attacks have been linked to known ransomware...