www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-06-02T16:52:23+00:00 www.secnews.physaphae.fr

AliceCliment-Pommeret - Chercher Cyber
Finding and exploiting process killer drivers with LOL for 3000$
This article describes a quick way to find easily exploitable process killer drivers. There are many ways to identify and exploit process killer drivers. This article is not exhaustive and presents only one (easy) method. Lately, the use of the BYOVD technique to kill AV and EDR agents seems to be trending. The ZeroMemoryEx Blackout project and the Terminator tool sold (for 3000$) by spyboy are some recent examples. Using vulnerable drivers to kill AV and EDR is not brand new; it has been used by APTs, Red Teamers, and ransomware gangs for quite some time.
2023-06-09T15:42:46+00:00 https://alice.climent-pommeret.red/posts/process-killer-driver/ www.secnews.physaphae.fr/article.php?IdArticle=8383840 False Ransomware,Tool,Technical None 4.0000000000000000