Security Stop-Press: Signed Malicious Windows Drivers Used In Ransomware Attacks

  • December 21, 2022
  • News

It’s been reported that kernel-mode hardware drivers that have been certified (signed) by Microsoft’s Windows Hardware Developer Program have been used maliciously in post-exploitation cyber attacks, i.e. where the attacker had already gained administrative privileges on compromised systems.

The attacks have been linked to known ransomware and SIM swappers. It is understood that Microsoft has now released security updates to revoke the certificates, has suspended the accounts used to submit the drivers to be signed, and is working on further detection measures.
