Destroying EDR Service Executable File by Using a Combination of Windows Symbolic Links

A new method of exploiting the “Bring Your Own Vulnerable Driver” (BYOVD) technique has emerged, combining it with Windows symbolic links to make it more effective. This approach abuses drivers with file-writing capabilities, bypassing the need to rely solely on vulnerable drivers listed in Microsoft’s blocklist. The BYOVD technique involves attackers leveraging legitimate but vulnerable […]

The post Destroying EDR Service Executable File by Using a Combination of Windows Symbolic Links appeared first on Cyber Security News.

This article has been indexed from Cyber Security News
