THURSDAY, JULY 9, 2026 48° E  /  GLOBAL TECH · SUMMARISED SUBSCRIBE
AI, business, devices, policy — global tech, summarised every 30 minutes.
Security · 1h ago

'GodDamn' Ransomware Uses Signed Microsoft Driver to Disable Defenses

By Meridian48 News Desk · Summarised from Dark Reading ·

A new ransomware strain called 'GodDamn' uses a bring-your-own-vulnerable-driver (BYOVD) attack to disable security software on targeted systems. The malicious driver was co-signed by Microsoft, allowing it to bypass kernel protections. The campaign has hit multiple US companies, leveraging the signed driver to kill endpoint detection and response tools before deploying ransomware.

Meridian48 take
The attack underscores how code-signing trust can be weaponized; Microsoft's signing process failed to catch the malicious intent, raising questions about driver validation rigor.
Read the full reporting
'GodDamn' Ransomware Uses BYOVD to Smite US Companies →
Dark Reading
ransomwarebyovd
More security briefs
Go deeper on security
AllAIStartupsBusinessDevicesPolicySecurityDev ToolsPakistan