CSO Online

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.
Dark Reading

EnCase Driver Weaponized as EDR Killers Persist

The forensic tool's driver was signed with a digital certificate that expired years ago, but major security gaps allowed ...

EDR killer tool uses signed kernel driver from forensic software

Hackers are abusing a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in ...
CRN

CrowdStrike: Microsoft’s Windows Kernel Update Process ‘Was Followed’

In a statement responding to CRN’s interview with SentinelOne CEO Tomer Weingarten, CrowdStrike says that its July 19 update did not bypass Microsoft’s ‘clear kernel review process.’ CrowdStrike said ...
EurekAlert!

Windows kernel defenses aren't enough to stop a lucrative game cheating market – new study

Hackers commonly bypass Microsoft Windows kernel protections to enable cheating in competitive online games, new research shows. Academics at the University of Birmingham performed a technical ...
TechSpot

Microsoft plans to move security software out of the Windows kernel

Forward-looking: The CrowdStrike incident has once again highlighted concerns about Windows security. Microsoft was adversely affected by the Texas company's poor update practices, but it prompted ...
Neowin

Despite Microsoft's claim, kernel reveals why Windows 11 isn't really faster than 10Despite Microsoft's claim, kernel reveals why Windows 11 isn't really faster than 10Despite ...

For the longest time, since the public announcement of Windows 11 in around the middle of 2021, Microsoft has maintained that its newest offering was meant to get the best out of hardware. And it wasn ...