Warning: Undefined array key "url" in /home/cyprohem/new.cypro.se/wp-content/plugins/wpforms-lite/src/Forms/IconChoices.php on line 127

Warning: Undefined array key "path" in /home/cyprohem/new.cypro.se/wp-content/plugins/wpforms-lite/src/Forms/IconChoices.php on line 128
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools – Cypro
Uncategorized

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

Posted on by Christian Yng

Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend Micro.
Qilin attacks analyzed by Talos have been found to deploy a malicious DLL named “msimg32.dll,”

This entry was posted in Uncategorized and tagged .
Christian Yng

Leave a Reply

Your email address will not be published. Required fields are marked *