Driver
Blog
Hackers abuse Avast anti-rootkit driver to disable defenses
A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components. The malware that drops the driver is a variant of an AV Killer of no particular family. It comes with a hardcoded list of 142 names for security processes from various vendors.…
Blog
New SteelFox malware hijacks Windows PCs using vulnerable driver
A new malicious package called ‘SteelFox’ mines for cryptocurrency and steals credit card data by using the “bring your own vulnerable driver” technique to get SYSTEM privileges on Windows machines. The malware bundle dropper is distributed through forums and torrent trackers as a crack tool that activates legitimate versions of various software like Foxit PDF Editor, JetBrains and AutoCAD. Using a vulnerable driver…
Blog
New Windows Driver Signature bypass allows kernel rootkit installs
Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. This is possible by taking control of the Windows Update process to introduce outdated, vulnerable software components on an up-to-date machine without the operating system changing the fully patched status. Downgrading Windows SafeBreach security researcher Alon Leviev reported…
Blog
Why is ‘Adam Driver Megalopolis’ blocked in Instagram searches?
When people search for “Adam driver Megalopolis” on Instagram or Facebook right now, instead of seeing posts about Francis Ford Coppola’s latest film, they’re shown a warning, titled, “Child sexual abuse is illegal.” That bizarre fact was pointed out in a post on X yesterday, and as of today, I’m still seeing it when I search for the phrase. But…
Blog
How to Spot and Avoid Fake Amazon Driver Text Messages
Scammers worldwide target consumers with fake Amazon driver chat text messages. The scam tricks unsuspecting individuals into sharing personal information or making fraudulent payments. Unfortunately, because of existing laws, scammers can easily leverage people-finder sites like Intelius, TruthFinder, Instant Checkmate, Spokeo, and WhitePages to create long lists of phone numbers. Once they have these numbers, they send out phishing texts…
Blog
Megalopolis could have let audiences ask Adam Driver questions during showings
Somewhere in the middle of the film, as Driver’s Cesar is speaking to camera, the screen briefly went blank. There was a confused smattering of applause from those who thought it was all over—if only we’d been so lucky—but then, with the lights still down, a man ran onto the stage in front of the cinema screen from the wings,…
Blog
PoorTry Windows driver evolves into a full-featured EDR wiper
The malicious PoorTry kernel-mode Windows driver used by multiple ransomware gangs to turn off Endpoint Detection and Response (EDR) solutions has evolved into an EDR wiper, deleting files crucial for the operation of security solutions and making restoration harder. Though Trend Micro had warned about this functionality being added to PoorTry since May 2023, Sophos has now confirmed seeing the EDR…
Blog
Uber hit with €290m fine for storing European driver data in the US
Uber has been fined €290 million by the Dutch data protection authority for transferring the personal data of European drivers to the US without appropriate safeguards. According to the Dutch DPA, the transfers – which Uber has now halted – were a serious violation of the EU’s General Data Protection Regulation (GDPR). “In Europe, the GDPR protects the fundamental rights…
Blog
Uber fined $325 million for moving driver data from Europe to US
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) has imposed a fine of €290,000,000 ($325 million) on Uber Technologies Inc. and Uber B.V. over GDPR violations. The authority accuses Uber of transferring personal data from the European Economic Area (EEA) to servers in the United States without adequate safeguards, as defined by Chapter V of the General Data Protection Regulation.…
Blog
Windows driver zero-day exploited by Lazarus hackers to install rootkit
The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. Microsoft fixed the flaw, tracked as CVE-2024-38193, during its August 2024 Patch Tuesday, along with seven other zero-day vulnerabilities. CVE-2024-38193 is a Bring Your Own Vulnerable Driver (BYOVD) vulnerability in the Windows Ancillary Function…