Unmasking a Large-Scale Legacy Driver Exploitation Campaign
released on 2025-02-24 @ 04:26:36 PM
Check Point Research uncovered an extensive campaign exploiting a vulnerability in the legacy version 2.0.2 of the Truesight.sys driver, part of Adlice's RogueKiller Antirootkit suite. Attackers leveraged this vulnerability to deploy an EDR/AV killer module, effectively disabling security solutions on targeted systems.