
New Osiris Ransomware Uses BYOVD Technique to Disable Security Tools in Southeast Asia Attack
Tags: Breaking News, Cybercrime, Malware, Security, BYOVD, Hacking, Hacking News, Information Security News, IT Information Security, Osiris Ransomware, Pierluigi Paganini, POORTRY Driver, Security Affairs, Security News
Researchers from Symantec and Carbon Black have identified a new ransomware named Osiris, which was used in a November 2025 attack against a major food service franchise operator in Southeast Asia. The attackers used the BYOVD (Bring Your Own Vulnerable Driver) technique, relying on the POORTRY driver to disable security tools. With this method, cybercriminals bypass protections by loading a malicious driver that neutralizes security solutions before the ransomware is deployed.