How are attackers using malicious drivers in Windows to stay undetected?

Talos Takes

English - February 02, 2024 09:00 - 11 minutes - 8.04 MB
Technology security cyber news security news cyber security news cisco talos snort incident response news roundup Homepage Download Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: (XL Edition): Talos IR recaps the top threats of Q4 2023

Next Episode: Case study: How Talos IR helped a healthcare tech company avoid a ransomware attack

Chris Neal from Talos Outreach joins the show today to talk about his research into the ways adversaries are using malicious drivers on Windows to spread malware. He recently launched a new series on the Talos blog about the basics of drivers and how security researchers can reverse engineer them to learn more about attacker TTPs and develop new detection content. Chris discusses when he first spotted this type of attack, what advantages it presents for the attacker and the other aspects of the research he plans to dive into.