CSO Online

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.
Microsoft

The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD

Most security incidents happen in the gap between knowing what matters and actually implementing security controls ...