Vulnerable drivers (BYOVD)
Bring-your-own-vulnerable-driver attacks that load a signed but flawed driver to disable endpoint defenses from the kernel.
EaseUS Partition Master left a Windows driver that lets any user seize the whole PC
A signed driver in EaseUS Partition Master (CVE-2026-12781) lets any standard Windows user read and overwrite the whole disk to reach SYSTEM. Patch and block
EDR evasion is now a shipped product. Your agent's silence is the only alarm left.
The Gentlemen ransomware gang ships a standardized EDR killer to affiliates using BYOVD. Here is why driver-name hunting fails and what to detect instead.
DragonForce hides its C2 inside Microsoft Teams relays. Your network sensors see a clean call.
DragonForce's Backdoor.Turn routes C2 through Microsoft Teams TURN relays, so network sensors see only Microsoft. Here is where the detectable seam actually
INC ransomware never used a zero-day. It used your patch backlog.
INC reached top-tier RaaS in 2026 with no zero-days. Every edge-device flaw it exploits was patched months earlier. Here is what to actually fix.