{ads}

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

Written By Monday, 6 April 2026 Add Comment



April 6, 2026 at 03:37PM

Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend Micro. Qilin attacks analyzed by Talos have been found to deploy a malicious DLL named "msimg32.dll,"

from The Hacker News https://ift.tt/TSsPz4M

0 Response to "Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads