Please login or sign up to post and edit reviews.
On the hunt for popping up kernel drives. [Research Saturday]
Podcast |
CyberWire Daily
Publisher |
The CyberWire
Media Type |
audio
Podknife tags |
Cybersecurity
Tech News
Technology
Categories Via RSS |
Daily News
News
Tech News
Technology
Publication Date |
Dec 09, 2023
Episode Duration |
00:15:02
Dana Behling, researcher from Carbon Black, sharing their work on "Hunting Vulnerable Kernel Drivers." The Carbon Black Threat Analysis Unit (TAU) discovered 34 unique vulnerable drivers, six of which allow kernel memory access, accepting firmware access. TAU reported the issues to the vendors whose drivers had valid signatures at the time of discovery, but only two vendors fixed the vulnerabilities. TAU is calling for more comprehensive approaches in the future than the current banned-list method used by Microsoft. The research states "By exploiting the vulnerable drivers, an attacker without the system privilege may erase/alter firmware, and/or elevate privileges." The research can be found here: Hunting Vulnerable Kernel Drivers Learn more about your ad choices. Visit megaphone.fm/adchoices
Dana Behling, researcher from Carbon Black, sharing their work on "Hunting Vulnerable Kernel Drivers." The Carbon Black Threat Analysis Unit (TAU) discovered 34 unique vulnerable drivers, six of which allow kernel memory access, accepting firmware access. TAU reported the issues to the vendors whose drivers had valid signatures at the time of discovery, but only two vendors fixed the vulnerabilities. TAU is calling for more comprehensive approaches in the future than the current banned-list method used by Microsoft. The research states "By exploiting the vulnerable drivers, an attacker without the system privilege may erase/alter firmware, and/or elevate privileges." The research can be found here: Hunting Vulnerable Kernel Drivers Learn more about your ad choices. Visit megaphone.fm/adchoices

Dana Behling, researcher from Carbon Black, sharing their work on "Hunting Vulnerable Kernel Drivers." The Carbon Black Threat Analysis Unit (TAU) discovered 34 unique vulnerable drivers, six of which allow kernel memory access, accepting firmware access.

TAU reported the issues to the vendors whose drivers had valid signatures at the time of discovery, but only two vendors fixed the vulnerabilities. TAU is calling for more comprehensive approaches in the future than the current banned-list method used by Microsoft. The research states "By exploiting the vulnerable drivers, an attacker without the system privilege may erase/alter firmware, and/or elevate privileges."

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

This episode currently has no reviews.

Submit Review
This episode could use a review!

This episode could use a review! Have anything to say about it? Share your thoughts using the button below.

Submit Review