New BYOVD loader behind DeadLock ransomware attack

Jordyn Dunk 2025-12-09T11:00:25+00:00 View Original

Full Report

Cisco Talos has uncovered a new DeadLock ransomware campaign using a previously unknown BYOVD loader to exploit a Baidu Antivirus driver vulnerability, letting threat actors disable EDR defenses and escalate attacks.

Analysis Summary