Hackers Use Legitimate Drivers to Kill Antivirus Processes and Lower The System’s Defenses

Threat Score:
49
Cybersecurity News
3 days ago

Overview

In a sophisticated campaign first observed in October 2024, attackers have begun leveraging a legitimate driver to disable antivirus software across compromised networks. By abusing the ThrottleStop.sys driver—originally designed by TechPowerUp to manage CPU throttling—the malware gains kernel‐level memory access to terminate security processes at will. Initial access is most often achieved through stolen RDP […]...

Related Articles

5 articles
1

Google confirms Salesforce CRM breach, faces extortion threat

Security Affairs 4 hours ago

Google disclosed a Salesforce Customer Relationship Management (CRM) breach exposing data of some prospective Google Ads customers. Google confirmed a breach in a Salesforce CRM instance affecting the data of prospective Google Ads customers. The website Databreaches.net reported that the attackers have sent an extortion demand to the Tech giant. Google Threat Intelligence Group confirmed that […]

Score
87
Read more
2

Google Hacked – Approx 2.5 Million Records of Google Ads Customer Data Leaked

GB Hackers 2 hours ago

Google Hacked – Approx 2.5 Million Records of Google Ads Customer Data Leaked Google has disclosed a significant data breach involving one of its corporate Salesforce instances, compromising customer data tied to its Google Ads platform. Google has not revealed the exact number of people impacted, but according to ShinyHunters,who spoke with Cyber Security News, the breach exposed around 2.5 million records (Approx). Whether some of these entries are duplicates is still unknown. The incident, de

Score
85
Read more
4

New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

The Hacker News 2 hours ago

A novel attack technique could be weaponized to rope thousands of public domain controllers (DCs) around the world to create a malicious botnet and use it to conduct power distributed denial-of-service (DDoS) attacks. The approach has been codenamed Win-DDoS by SafeBreach researchers Or Yair and Shahak Morag, whopresentedtheir findings at the DEF CON 33 security conference today. "As we explored the intricacies of the Windows LDAP client code, we discovered a significant flaw that allowed us to

Score
82
Read more
5

Hackers Found Backdoor in High-Security Safes—Opens in Seconds

Spybusters 6 hours ago

Security researchers found two techniques to crack at least eight brands of electronic safes—used to secure everything from guns to narcotics. James Rowley and Mark Omo got curious a scandal in the world of electronic safes... In the process, they'd find something far bigger: another form of backdoor intended to let authorized locksmiths open not just Liberty Safe devices, but the high-security Securam Prologic locks used in many of Liberty’s safes and those of at least seven other brands.  More

Score
76
Read more