all InfoSec news
Ransomware Group Uses Vulnerability to Bypass EDR Products
eSecurityPlanet www.esecurityplanet.com
The BlackByte ransomware group is actively exploiting a vulnerability in RTCore32.sys and RTCore64.sys, the drivers of a widely used graphic card utility called Micro-Star MSI AfterBurner (version 4.6.2.15658). Recorded as CVE-2019-16098, the flaw allows any authenticated user to read and write to arbitrary memory, I/O ports and MSR control registers. Cybercriminals can abuse it to […]
The post Ransomware Group Uses Vulnerability to Bypass EDR Products appeared first on eSecurityPlanet.
antivirus software bypass bypass edr cybersecurity edr endpoint security malware network security products ransomware ransomware group security threats vulnerability web security