Threat actors have recently been exploiting legacy drivers to bypass certificate validation, leveraging a technique known as “Legacy Driver Exploitation.”
This method involves using vulnerable drivers to evade security measures and distribute malware, as highlighted in a recent security advisory.
The attack primarily utilizes the Gh0stRAT malware to remotely control infected systems and cause further damage.
https://gbhackers.com/threat-actors-lev ... y-drivers/