Microsoft announced last week that starting with Windows 10, version 1607, the operating system will refuse to load any new kernel mode drivers that are not signed by the Windows Hardware Developer ...

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.

Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes, and there may be no easy fixes in sight.

The RobbinHood ransomware is using a deprecated Gigabyte driver as the tip of the spear for taking out antivirus products. The operators behind the RobbinHood ransomware are using a vulnerable, legacy ...

Hackers are abusing a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in ...

Details have been disclosed on a Windows kernel-mode driver privilege escalation vulnerability that was patched Tuesday by Microsoft. The vulnerabilities addressed in this month’s Patch Tuesday ...

Windows 11 is adding Baseline Security Mode to block unsigned apps, services, and drivers by default, plus new consent prompts for sensitive access and bundled installs, with exceptions when needed ...

Microsoft has outlined why its new breed of Secured-core PCs, such as the Surface Pro X, are equipped to fight off ransomware and other malware that attack vulnerable hardware drivers to compromise a ...

At the DEF CON 27 security conference today in Las Vegas, security researchers from Eclypsium gave a talk about common design flaws they found in more than 40 kernel drivers from 20 different hardware ...