Filter
Exclude
Time range
-
Near
Mr.Rabbit
 @01ra66it
7 Jul 2025
脅威アクターが合法署名カーネルドライバーを悪用しEDR無効化。2020年以降、署名済ドライバ620件・80証明書超の流通、EV証明書は闇市場で最大6.5千ドル。POORTRY/STONESTOP等が利用され、Microsoftは証明書失効・Blocklist強化済。#KernelThreat #SignedDriver gbhackers.com/abusing-trust-…

Abusing Trust: Threat Actors Leverage Signed Drivers for Stealthy Windows Kernel Exploits

Cybercriminals continue to use kernel-level malware as a preferred weapon against Windows systems amid a terrifying increase in cyberthreats.

gbhackers.com
6
30
1,825
Zohdy @7odaZohdy
3 Feb 2025
While monitoring kernel driver abuse, I’ve noticed a shift in tactics. Some Threat actors now sign free drivers or re-sign old vulnerable ones with PoCs, enabling privilege escalation and defense evasion with minimal effort. 1/5 #DriverExploitation #KernelThreats #SignedDriver
1
3
177
Load more