> TritonInfoSec News
Home / Mar 20, 2026 / Story
0
#10 The Hacker News general March 19, 2026 at 18:52 UTC

54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security

By [email protected] (The Hacker News)

AI Summary

Analysis reveals 54 EDR killer programs use Bring Your Own Vulnerable Driver (BYOVD) techniques, exploiting 34 different signed vulnerable drivers to disable endpoint security software. These tools are commonly deployed by ransomware affiliates to neutralize defenses before encryption attacks.

Read full article → https://thehackernews.com/2026/03/54-edr-killers-u…

Relevance score: 72.0/100

# More from March 20

  1. 1
    Feds Disrupt IoT Botnets Behind Huge DDoS Attacks Krebs on Security
  2. 2
    Hundreds of millions of iPhones can be hacked with a new tool found in the wild Ars Technica Security
  3. 3
    New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores BleepingComputer
  4. 4
    FBI seizes Handala data leak site after Stryker cyberattack BleepingComputer
  5. 5
    CISA urges US orgs to secure Microsoft Intune systems after Stryker breach BleepingComputer
  6. 6
    Critical Microsoft SharePoint flaw now exploited in attacks BleepingComputer
  7. 7
    Interlock ransomware gang exploited Cisco firewall zero-day weeks before disclosure: Amazon The Record
  8. 8
    Russian hackers exploit Zimbra flaw in Ukrainian govt attacks BleepingComputer
  9. 9
    Navia discloses data breach impacting 2.7 million people BleepingComputer