{"id":207538,"date":"2025-03-01T10:11:45","date_gmt":"2025-03-01T16:11:45","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/03\/huge-cyberattack-found-hitting-vulnerable-microsoft-signed-legacy-drivers-to-get-past-security"},"modified":"2025-03-01T10:11:45","modified_gmt":"2025-03-01T16:11:45","slug":"huge-cyberattack-found-hitting-vulnerable-microsoft-signed-legacy-drivers-to-get-past-security","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/03\/huge-cyberattack-found-hitting-vulnerable-microsoft-signed-legacy-drivers-to-get-past-security","title":{"rendered":"Huge cyberattack found hitting vulnerable Microsoft-signed legacy drivers to get past security"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/huge-cyberattack-found-hitting-vulnerable-microsoft-signed-legacy-drivers-to-get-past-security.jpg\"><\/a><\/p>\n<p>A huge cybercriminal campaign has been spotted utilizing outdated and vulnerable Windows drivers to deploy <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.techradar.com\/best\/best-malware-removal\" target=\"_blank\" data-before-rewrite-localise=\"https:\/\/www.techradar.com\/best\/best-malware-removal\" data-url=\"https:\/\/www.techradar.com\/best\/best-malware-removal\" data-hl-processed=\"none\" class=\"\" data-custom-tracking-id=\"2251336583880691515\" data-hawk-tracked=\"hawklinks\" data-google-interstitial=\"false\" data-label=\"malware\">malware<\/a> against victims. The campaign originated in China, and the majority of the victims are also located in China.<\/p>\n<p>An <a data-analytics-id=\"inline-link\" href=\"https:\/\/research.checkpoint.com\/2025\/large-scale-exploitation-of-legacy-driver\/\" target=\"_blank\" data-url=\"https:\/\/research.checkpoint.com\/2025\/large-scale-exploitation-of-legacy-driver\/\" referrerpolicy=\"no-referrer-when-downgrade\" data-hl-processed=\"none\" class=\"\" data-custom-tracking-id=\"2073949403526565087\" data-hawk-tracked=\"hawklinks\" data-google-interstitial=\"false\" data-label=\"in-depth article\">in-depth article<\/a> published by cybersecurity researchers Check Point said the attackers identified a vulnerability in the Truesight.sys driver, version 2.0.2. This is an older version, known to allow arbitrary process termination.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A huge cybercriminal campaign has been spotted utilizing outdated and vulnerable Windows drivers to deploy malware against victims. The campaign originated in China, and the majority of the victims are also located in China. An in-depth article published by cybersecurity researchers Check Point said the attackers identified a vulnerability in the Truesight.sys driver, version 2.0.2. [\u2026]<\/p>\n","protected":false},"author":396,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-207538","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/207538","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/396"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=207538"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/207538\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=207538"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=207538"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=207538"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}