Cuba ransomware group used Microsoft developer accounts to sign malicious drivers

Microsoft suspended several accounts on its hardware developer program that signed malicious drivers used by a ransomware group called Cuba to disable endpoint security tools. The driver certificates have been revoked and the drivers will be added to a blocklist that Windows users can optionally deploy.

Read full article on CSO Online

 


Date:

Categorie(s):