Edward Kiledjian's Threat Intel

Silver Fox APT Exploits Signed Windows Driver to Deliver ValleyRAT

Silver Fox APT is exploiting a signed but vulnerable WatchDog driver to disable Windows security and deliver ValleyRAT malware. The driver, amsdk.sys version 1.0.600, allows attackers to terminate security processes and install the malware, even after a patch was released. This campaign highlights the risks of trusting signed drivers without additional security checks.
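
A host check for the driver named above, as an added example that is not from the original post: it lists registered kernel driver services and reports any whose file name or embedded original file name is amsdk.sys, with its version and signature status. Matching on the name and on a file version beginning with 1.0.600 is an assumption made here; a "Valid" signature in the output is expected and does not mean the driver is safe.

```powershell
# Added example (defender-side check), not code from the original post.
# Assumptions: the driver is registered as a kernel driver service, and its
# file name or OriginalFilename is "amsdk.sys" with a FileVersion that
# starts with "1.0.600". Only the name and version come from the report.
$TargetName    = 'amsdk.sys'
$TargetVersion = '1.0.600'

function Resolve-DriverPath {
    param([string]$PathName)
    if (-not $PathName) { return $null }
    $p = $PathName.Trim('"')
    $p = $p -replace '^\\\?\?\\', ''                        # strip NT "\??\" prefix
    $p = $p -replace '^\\SystemRoot\\', "$env:SystemRoot\"  # expand "\SystemRoot\"
    if ($p -match '^system32\\') { $p = Join-Path $env:SystemRoot $p }
    return $p
}

$hits = foreach ($drv in Get-CimInstance -ClassName Win32_SystemDriver) {
    $path = Resolve-DriverPath $drv.PathName
    if (-not $path -or -not (Test-Path -LiteralPath $path)) { continue }

    $vi = (Get-Item -LiteralPath $path).VersionInfo
    # Check the embedded original name too, so a renamed copy is still found.
    $nameMatch = ((Split-Path $path -Leaf) -ieq $TargetName) -or
                 ($vi.OriginalFilename -ieq $TargetName)
    if (-not $nameMatch) { continue }

    $sig = Get-AuthenticodeSignature -LiteralPath $path
    [pscustomobject]@{
        Service      = $drv.Name
        State        = $drv.State
        Path         = $path
        FileVersion  = $vi.FileVersion
        VersionMatch = ([string]$vi.FileVersion).StartsWith($TargetVersion)
        Signature    = $sig.Status   # "Valid" here is the point: signed is not the same as safe
        Signer       = $sig.SignerCertificate.Subject
        SHA256       = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
    }
}

if ($hits) { $hits | Format-List } else { 'No matching driver service found.' }
```

Run it from an elevated PowerShell session; it reads only service registrations and file metadata and changes nothing on the host.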