Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption
January 24, 2024 at 07:06AM Kasseika, a new ransomware group, has adopted the Bring Your Own Vulnerable Driver (BYOVD) attack to evade security processes on Windows hosts, demonstrating similarities with the now-defunct BlackMatter. Their attack chain begins with a phishing email, followed by deploying remote administration tools and executing a malicious batch script. The ransomware … Read more