Very interesting stuff! I did read about the attack that involved a vulnerable Gigabyte driver that was used to disable security software. It was used by the RobbinHood Ransomware, but apparently you can block this with Hypervisor-protected code integrity. I do wonder how this works on a technical level, need to do some research. https://techcommunity.microsoft.com...y-vbs-and-hypervisor-enforced-code/m-p/240571
I also wonder if Windows 10 "Secured-core" PC's can protect against this firmware attack: https://eclypsium.com/2020/2/18/unsigned-peripheral-firmware/