BYOVD
Coverage of BYOVD in the Nexus archive.
- 'GodDamn' Ransomware Uses BYOVD to Smite US Companies
The 'GodDamn' ransomware uses BYOVD to target US companies by deploying a malicious kernel driver co-signed by Microsoft, which disables security software during attacks.
- Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective
This technical article analyzes how Windows kernel mode drivers can be exploited from user mode without requiring the specific hardware they were designed for. The research addresses vulnerability assessment challenges in driver security where exploitability is typically limited by hardware dependencies. The work is motivated by driver-oriented vulnerability research and aims to evaluate the real-world impact of kernel driver vulnerabilities.
- EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
The article highlights the growing threat of EDR-Killer ecosystems utilizing BYOVD techniques, emphasizing the need for enhanced defensive measures. While stopping these attacks is challenging, it remains achievable with improved BYOVD defenses.