Skip to main content

Tag: signed driver

1 article

Cluttered office desk with laptop, monitor, and papers, in a large room with fluorescent lighting.

GodDamn Ransomware Exploits Signed Driver to Disable Endpoint Defenses

Ransomware attackers have taken a disturbing new tactic, using a malicious kernel driver signed by Microsoft to disable endpoint defenses and wreak havoc on systems. The PoisonX driver, identified as g11.sys, is a game-changer in ransomware operations, making it harder for security teams to detect and respond to threats.

Analyst 207