CrowdStrike says the cybercrime gang Scattered Spider has exploited longtime Windows security issues to use bring-your-own-vulnerable-driver (BYOVD) techniques against CrowdStrike's own and other endpoint tools.
A threat actor that specializes in getting around multifactor authentication protection has added a new tool to its arsenal for infecting computers: leveraging a known Windows weakness to compromise the operating system's kernel. The group is dubbed Scattered Spider by researchers at CrowdStrike. Others call it Roasted 0ktapus or UNC3944. Whatever the name, CrowdStrike says