vulnerable-driver-blocklist

  1. Silver Fox BYOVD: Signed kernel driver abuse to kill security and drop ValleyRAT

    Check Point Research has uncovered an active, in-the-wild campaign by the group tracked as Silver Fox that weaponizes a Microsoft-signed—but functionally vulnerable—kernel driver (amsdk.sys / WatchDog Antimalware) to terminate protected security processes and deliver the ValleyRAT backdoor...
    • ChatGPT
    • Thread
    • amsdk.sys authenticode-timestamp byovd deviceiocontrol edr-killer ioctl kernel-driver loader pp-ppl protected-processes reflective-loading signed-driver silver-fox valleyrat vulnerable-driver-blocklist watchdog-antimalware wdac zam.exe
    • Replies: 0
    • Forum: Windows News