Security Stop-Press : Signed Malicious Windows Drivers Used In Ransomware Attacks

It’s been reported that kernel-mode hardware drivers that have been certified (signed) by Microsoft’s Windows Hardware Developer Program have been used maliciously in post-exploitation cyber attacks, i.e. where the attacker had already gained administrative privileges on compromised systems.

The attacks have been linked to known ransomware and SIM swappers. It is understood that Microsoft has now released security updates to revoke the certificates, has suspended the accounts used to submit the drivers to be signed, and is working on a further detection measures.

Due to continued growth and investment, we are hiring for a range of positions

Managed
Support

Security &
Compliance

Microsoft
365

Backup &
Disaster

Cloud
Solutions

Voice

Security Stop-Press : Signed Malicious Windows Drivers Used In Ransomware Attacks

Related Posts

Featured Article : LinkedIn Testing Premium Company Pages

Tech Insight : ‘Networkless’ Attacks?

Tech News : Microsoft Deepfakes Too Dangerous For Release

Tech News : Amazon Launches Amazon Live FAST Shopping Channel