Cuba ransomware group used Microsoft developer accounts to sign malicious drivers
Microsoft suspended several accounts on its hardware developer program that signed malicious drivers used by a ransomware group called Cuba to disable endpoint security tools. The driver certificates have been revoked and the drivers will be added to a blocklist that Windows users can optionally deploy. “In most ransomware incidents, attackers kill the target’s security […]
Cyber News, Cyber Threat Trends