From thehackernews.com
![BlackByte Ransomware](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg6wd8KxBS0DrMhfB_ryjImxpw-oqfvpd6NP3MmaosXhzYwM2Lb09oMYt0_VpfrlbFpQeOZK_n3Stpmw-38MtvoEpxn1ALL02eJAtzv1n8vyBLrmmoMWazujcPMA4bTfgR0s1_jFvALgwUdGx7gb5Nw5nl31Lk3weiQAnFC59Pp-hKcXNywr_oJVCq8/s728-e1000/hackers.jpg)
n yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions.
“The evasion technique supports disabling a whopping list of over 1,000 drivers on which security products rely to provide protection,” Sophos threat researcher Andreas Klopsch said in a new technical write-up.
BYOVD is an attack technique that involves threat actors abusing vulnerabilities in legitimate, signed drivers to achieve successful kernel-mode exploitation and seize control of compromised machines.