Tag: CVE-2024-51324

DeadLock Ransomware Uses BYOVD to Kill EDR and Erase Backups Stealthily
Cisco Talos has uncovered a new DeadLock ransomware campaign in which attackers exploit a vulnerable Baidu Antivirus driver (CVE-2024-51324) to disable EDR systems using the Bring Your Own Vulnerable Driver (BYOVD) technique, dismantle defenses with a PowerShell script, erase backups, and encrypt files on Windows using a proprietary encryption algorithm. Notably, the group operates without…