Southport Accommodation
MENU
    • Loading ...
    • Loading ...
  • Loading ...
  • Loading ...
Main Pages
Featured Pages
Top Cities
Top Regions
Top Districts
Top Countries
booking
accommodation
travel
attractions
entertainment
restaurants
viator
hotel

Southport Accommodation

Latest News Southport Accommodation

Are you looking for a holiday? Get special deals.

 

Hackers found a way to turn off Windows Defender remotely

30 Aug 2025 By foxnews

Hackers found a way to turn off Windows Defender remotely

Most modern Windows PCs rely on Microsoft Defender as their first line of defense against malware. Over the years, it has evolved into a capable and often underrated antivirus that blocks a wide range of threats. But a hacker group has found a way to abuse a legitimate Intel CPU tuning driver in a "Bring Your Own Vulnerable Driver" (BYOVD) attack to completely disable Microsoft Defender.

The technique has been observed since mid-July 2025 and is already being used in active ransomware campaigns. The method doesn't rely on exploiting a software bug or delivering an obviously malicious file. Instead, it takes advantage of how the Windows driver system is designed to allow deep hardware access.

Let's discuss all you need to know about the attack and how you can stay safe.

HOW SCAMMERS TARGET YOU EVEN WITHOUT SOCIAL MEDIA

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my CYBERGUY.COM newsletter.

The Akira ransomware group has developed a new way to bypass security tools by using a legitimate Intel CPU tuning driver called rwdrv.sys from the performance-tweaking tool ThrottleStop. Security firm GuidePoint Security says attackers load this driver to gain kernel-level access to Windows systems, then install a second malicious driver, hlpdrv.sys, which changes the DisableAntiSpyware registry setting via regedit.exe to shut down Microsoft Defender.

Once Defender is disabled, attackers can run other malicious programs undetected. GuidePoint says this method has been consistently spotted in Akira campaigns since mid-July.

The same group has also been linked to attacks targeting SonicWall VPN devices. SonicWall has stated that these incidents likely involve a known vulnerability, CVE-2024-40766, rather than a brand-new zero-day. The company recommends restricting VPN access, enabling multi-factor authentication, and disabling unused accounts as immediate defenses.

Akira attacks often involve stealing data, setting up hidden remote access, and deploying ransomware to encrypt files across an organization. Security experts warn that fake or lookalike websites are increasingly being used to distribute these malicious tools.

FBI WARNS SENIORS ABOUT BILLION-DOLLAR SCAM DRAINING RETIREMENT FUNDS, EXPERT SAYS AI DRIVING IT

Researchers at GuidePoint have published a YARA detection rule, along with file names, service names, SHA-256 hashes, and file paths to help identify this activity. They recommend administrators actively monitor for these indicators, apply filtering and blocking rules as new IoCs emerge, and only download software from official or verified sources.

We reached out to Microsoft for a comment, but did not hear back before our deadline.

The Microsoft Defender attack is smart and dangerous, but you're not without defenses. Here are a few tips to help you stay safe:

Even with regular updates, Windows systems can be left exposed if built-in defenses are disabled. A strong antivirus software with real-time protection, kernel-level monitoring, and frequent updates can provide backup security. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com.

Many exploits rely on user interaction, such as clicking a shady link, downloading a compromised file, or mounting an untrusted virtual disk. Stick to reputable websites, avoid opening unsolicited email attachments, and use a browser with built-in security features (like Microsoft Edge or Chrome with Safe Browsing enabled).

Never paste or run commands (like PowerShell scripts) you don't understand or that were copied from random websites. Attackers often trick users into unknowingly running malware this way.

GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP

Regularly update your operating system, browsers, and all software applications. Updates often include patches for security vulnerabilities that malware can exploit.

Enable 2FA on all your accounts. This adds an extra layer of security by requiring a second form of verification, making it harder for attackers to gain access even if they have your password.

Even with strong device security, your personal information may still be exposed online through data brokers and people-finder sites.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice.  They aren't cheap - and neither is your privacy.  These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites.  It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet.  By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

CLICK HERE TO GET THE FOX NEWS APP

Akira's trick shows a bigger flaw in how Windows trusts certain tools. A driver meant for harmless CPU tuning ends up being the key to turning security off. Since it's from a legitimate source, Windows just lets it through without asking questions. We tend to think hackers always break in from the outside. Here, they're already inside the circle of trust, using the system's own rules.

Should Microsoft be doing more to stop ransomware groups from disabling Defender? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com.  All rights reserved.

More News

Booking.com
Hackers found a way to turn off Windows Defender remotely
Hackers found a way to turn off Windows Defender remotely
Mary Kay's iconic pink Cadillac shifts to fully electric
Mary Kay's iconic pink Cadillac shifts to fully electric
Giant medieval castle hits market with secret price tag and restoration ahead
Giant medieval castle hits market with secret price tag and restoration ahead
Newsom rebukes White House defense of prayer after shooting: Kids were 'literally praying as they got shot at'
Newsom rebukes White House defense of prayer after shooting: Kids were 'literally praying as they got shot at'
Deion Sanders reveals biggest surprise at Colorado's home games: 'It never fails'
Deion Sanders reveals biggest surprise at Colorado's home games: 'It never fails'
Parents file lawsuit alleging ChatGPT helped their teenage son plan suicide
Parents file lawsuit alleging ChatGPT helped their teenage son plan suicide
NH mom who killed cancer-stricken husband, 2 children embezzled $600K from employer, owner says
NH mom who killed cancer-stricken husband, 2 children embezzled $600K from employer, owner says
Browns legend Joe Thomas gives 'Shedeur Sanders cult' a reality check
Browns legend Joe Thomas gives 'Shedeur Sanders cult' a reality check
Melania Trump laughed off Vanity Fair cover offer: report
Melania Trump laughed off Vanity Fair cover offer: report
Julia Roberts hits back at criticism after new film sparks backlash
Julia Roberts hits back at criticism after new film sparks backlash
Former DOJ worker who hurled sandwich at federal officer charged with misdemeanor
Former DOJ worker who hurled sandwich at federal officer charged with misdemeanor
Phillies' Kyle Schwarber reaches rare MLB feat with 4-home run game
Phillies' Kyle Schwarber reaches rare MLB feat with 4-home run game
Minneapolis school shooter went through recent breakup before deadly attack on Catholic school: warrant
Minneapolis school shooter went through recent breakup before deadly attack on Catholic school: warrant
USWNT star Trinity Rodman hilariously grills in boyfriend Ben Shelton in surprise US Open presser appearance
USWNT star Trinity Rodman hilariously grills in boyfriend Ben Shelton in surprise US Open presser appearance
Marco Rubio jokingly pushes Trump for executive order banning weddings during college football season
Marco Rubio jokingly pushes Trump for executive order banning weddings during college football season
Sabrina Carpenter defends her racy image, tells critics they 'need to get out more'
Sabrina Carpenter defends her racy image, tells critics they 'need to get out more'
Office-ready sneakers you won't want to take off
Office-ready sneakers you won't want to take off
News anchor dies of heart attack at age 42 soon after starting new Mississippi TV job
News anchor dies of heart attack at age 42 soon after starting new Mississippi TV job
Mark Teixeira has a message for Texas Dems after redistricting: 'Have better policies'
Mark Teixeira has a message for Texas Dems after redistricting: 'Have better policies'
President Trump issues 'MAKING FEDERAL ARCHITECTURE BEAUTIFUL AGAIN' executive order
President Trump issues 'MAKING FEDERAL ARCHITECTURE BEAUTIFUL AGAIN' executive order
Latest News
SOUTHPORT ACCOMMODATION

Promote Your Business with Southport Accommodation.

Providing first class business listings that deliver results for both users and businesses. Please Press Claim Listing if you are the business owner.

TOP REGIONS

All Regions
New South Wales
Victoria
Queensland
Melbourne Region
Sydney Region
North Coast New South Wales
West Australia
Northern Rivers
South Australia
South Coast New South Wales Nsw
Sunshine Coast
Tasmania
Brisbane Region
Greater Perth
Port Stephens
Tropical North Queensland
Victorian High Country
Shoalhaven
Gippsland
Tweed Coast
Adelaide Region
Goldfields
Great Ocean Road

TOP CITIES

All Cities
Sydney
Melbourne
Perth
Gold Coast
Brisbane
Adelaide
Canberra
Darwin
Newcastle
Cairns
Wollongong
Byron Bay
Redcliffe
Townsville
Mandurah
Port Macquarie
Hobart
Mount Tambourine
Coffs Harbour

TOP DISTRICTS

All Districts
Melbourne CBD
Surfers Paradise
Sydney Eastern Suburbs
Southbank
Central Business District
Adelaide CBD
Broadbeach
Darwin CBD
Brisbane CBD
Hobart CBD
Bondi
St Kilda
Collins Street
Kings Beach
South Brisbane
Coolangatta
City Centre
Docklands
Burleigh Heads
South Yarra
Four Mile Beach
Surry Hills
Freycinet National Park

OUR PARTNERS

Accommodation in Broadbeach
Palm Beach Accommodation
Accommodation Mermaid Beach
Accommodation Main Beach
Accommodation in Surfers Paradise
Tweed Heads Accommodation
Coolangatta Guide
Accommodation Gold Coast
Architect Gold Coast
Gold Coast Builders
Gold Coast Child Care
Gold Coast Hairdresser
Car Rental
Pubs and Clubs
Travel Agents Gold Coast
Gold Coast Vets
Hotel Find
Australia UK USA India Germany China France

copyright © 2025 Southport Accommodation.   All rights reserved.

Southport Accommodation Listings

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z