Home windows customers ought to take into consideration reinforcing their antivirus software program. And whereas Microsoft Defender ought to present a line of protection in opposition to ransomware, a brand new report claims that hackers have discovered a approach to get across the ransomware software to contaminate PCs with ransomware.
A GuidePoint Safety report (by way of BleepingComputer) discovered that hackers are utilizing Akira ransomware to take advantage of a legit PC driver to load a second, malicious driver that shuts off Home windows Defender, permitting for all kinds of monkey enterprise.
Microsoft is pushing Copilot on Bing customers, report says
The great driver that is being exploited right here known as “rwdrv.sys,’ which is used for tuning software program for Intel CPUs. Hackers abuse it to put in “hlpdrv.sys,” one other driver that they then use to get round Defender — and begin doing no matter it’s they need to do.
Mashable Mild Pace
GuidePoint reported seeing this kind of assault beginning in the course of July. It does not seem to be the loophole has been patched but, however the extra individuals find out about it, the much less possible it’s for the exploit to work in opposition to them, at the least in principle.
Within the meantime, permit our colleagues at PCMag to advocate some high quality third-party antivirus software program to you in your Home windows PC. For extra data on the most recent Akira ransomware assaults — together with attainable defenses — head to GuidePoint Safety.
