GentleKiller Framework Disables Victims' Security Software
ID: 5c902ca3-9316-57c4-8ebd-9023fa5fe9de
STIX ID: report--5c902ca3-9316-57c4-8ebd-9023fa5fe9de
Feed Name: Infosecurity Magazine (News)
**Executive summary:** ESET analysis describes the Gentlemen RaaS group's 'GentleKiller' suite that leverages BYOVD (legitimately signed but flawed kernel drivers) to kill endpoint protection at kernel level, targeting over 400 processes across roughly 48 security products; the operator-run toolkit includes multiple variants and rapidly adapts disclosed driver exploits, and defenders are advised to block known-vulnerable drivers and monitor abrupt termination of protected security processes.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
