Cybercriminals are increasingly turning trusted software against defenders, according to new research from Huntress, which has uncovered a real-world attack in which threat actors used a legitimate but vulnerable driver to disable endpoint security tools before deploying further malicious activity. In a detailed incident response analysis, Huntress researchers observed attackers abusing an outdated EnCase forensic

The post Attackers Use Legitimate Forensic Driver to Disable Endpoint Security, Huntress Warns appeared first on IT Security Guru.
First seen on itsecurityguru.org
Jump to article: www.itsecurityguru.org/2026/02/05/attackers-use-legitimate-forensic-driver-to-disable-endpoint-security-huntress-warns

