Threat actors have abused the vulnerable vsdatant.sys kernel-level driver within the Check Point ZoneAlarm antivirus version released in 2016 to exfiltrate account credentials as part of a Bring Your Own Vulnerable Driver attack, according to Hackread.
Introduction to Malware Binary Triage (IMBT) Course
Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor.
Enroll Now and Save 10%: Coupon Code MWNEWS10
Note: Affiliate link – your enrollment helps support this platform at no extra cost to you.
Article Link: Credential exfiltration possible with Check Point ZoneAlarm driver bug | SC Media