• About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Privacy Policy
  • Contact us
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
No Result
View All Result

Kaspersky detects 23% increase in attacks targeting vulnerable Windows drivers

by CXO Staff
August 22, 2024
in News

Attackers are increasingly targeting Windows by exploiting vulnerable drivers, according to Kaspersky experts.

Kaspersky detects 23% increase in attacks targeting vulnerable Windows drivers

Attackers are increasingly targeting Windows by exploiting vulnerable drivers, according to Kaspersky experts. In the second quarter of 2024, the number of systems attacked using this technique increased by nearly 23% compared to the first quarter. Vulnerable drivers may be exploited for a wide range of attacks, including ransomware and Advanced Persistent Threats (APTs).

Cyberattacks that utilise vulnerable drivers are known as BYOVD (Bring Your Own Vulnerable Driver). They allow threat actors to attempt to disable security solutions on a system and escalate privileges, enabling them to carry out various malicious activities, such as installing ransomware or establishing persistence for espionage or sabotage, particularly if an Advanced Persistent Threat (APT) group is behind the attack.

Kaspersky reports that this attack technique accelerated in 2023 and is currently gaining momentum, with a potential impact on both individuals and organisations. In Q2 2024, the number of systems attacked with the BYOVD technique increased by almost 23% compared to the previous quarter.

Dynamics in attacks exploiting vulnerable drivers

“While the drivers themselves are legitimate, they may contain vulnerabilities. These vulnerabilities can then be exploited for malicious purposes. Perpetrators use various tools and methods to install a vulnerable driver on the system. Once the operating system loads this driver, the attacker can exploit it to circumvent OS kernel security boundaries for their own goals,” explains Vladimir Kuskov, Head of Anti-Malware Research at Kaspersky.

One concerning aspect of this trend is the proliferation of tools that exploit vulnerable drivers – they can be found online. While relatively few of these tools exist in 2024 – only 24 projects have been published since 2021– Kaspersky experts observed an increase in the number of these tools being published online last year. “Although nothing really stops threat actors from developing their own private tools, the publicly available ones eliminate the need for the specific skills required to research and exploit vulnerable drivers. In 2023 alone, we identified approximately 16 new tools of this nature, marking a substantial increase from the mere one or two we observed in previous years. Given this rise, it is highly advisable to implement robust protective measures for any system”, elaborates Vladimir Kuskov.

To counter threats related to vulnerable driver exploitation, the following measures are effective:

  • Thoroughly understand your infrastructure and closely monitor its assets, focusing on the perimeter.
  • To protect the company against a wide range of threats, use solutions from the Kaspersky Next product line. It provides real-time protection, threat visibility, investigation and response capabilities of EDR and XDR for organisations of any size and industry, as well as safeguarding systems against vulnerable driver exploitation.
  • Implement a Patch Management process to detect vulnerable software within the infrastructure and promptly install security patches. Solutions like Kaspersky Endpoint Security and Kaspersky Vulnerability Data Feed can assist in this regard.
  • Conduct regular security assessments to identify and patch vulnerabilities before they become an entry point for an attacker.

Read more on vulnerabilities and exploits threat landscape in Q2 2024 on Securelist.

Tags: KasperskyWindows drivers
ShareTweet

Related Posts

Meriam ElOuazzani, Senior Regional Director, Middle East, Turkey, and Africa, SentinelOne
Feature

A day in the life of Meriam ElOuazzani

What does your morning routine look like? I start my day around 5:00 AM with a few minutes of meditation—it...

July 4, 2025
Tenable research finds rampant cloud misconfigurations exposing critical data and secrets
Future

Tenable research finds rampant cloud misconfigurations exposing critical data and secrets

Tenable released its 2025 Cloud Security Risk Report, which revealed that 9 percent of publicly accessible cloud storage contains sensitive...

July 4, 2025

Discussion about this post

Latest Issue

Meriam ElOuazzani, Senior Regional Director, Middle East, Turkey, and Africa, SentinelOne

A day in the life of Meriam ElOuazzani

July 4, 2025
Tenable research finds rampant cloud misconfigurations exposing critical data and secrets

Tenable research finds rampant cloud misconfigurations exposing critical data and secrets

July 4, 2025
How co-packaged optics boost speed and slash energy use

How co-packaged optics boost speed and slash energy use

July 3, 2025

The most trusted source of strategic intelligence for IT decision makers in the Middle East.

About

  • About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Contact Us

Policies

  • Privacy Policy

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f X-twitter Linkedin
Separated they live in Bookmarksgrove right at the coast of the Semantics, a large language ocean. A small river named Duden.

About

  • About Us
  • Site Map
  • Contact Us
  • Career

Policies

  • Help Center
  • Privacy Policy
  • Cookie Setting
  • Term Of Use

Join Our Newsletter

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f Twitter Youtube Instagram

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Join our mailing list
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
No Result
View All Result
  • News
  • Opinions
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
  • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CX50 Oman
    • CXO50
    • ICT Awards
      • Dubai
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2023
    • All events
  • Videos
  • GITEX GLOBAL
  • Digital Magazine

© 2024 - CXO Insight Middle East. All Rights Reserved.