AttackFeed by Joe Wagner | Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools  - The Hacker News

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools  – The Hacker News

Posted on By [email protected] (The Hacker News)
Attack Feeds

Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend Micro.
Qilin attacks analyzed by Talos have been found to deploy a malicious DLL named “msimg32.dll,”  –

Read More  – The Hacker News 

You may also like

AttackFeed by Joe Wagner | SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains  - The Hacker News
Attack Feeds
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains  – The Hacker News
March 3, 2026
AttackFeed by Joe Wagner | North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware  - The Hacker News
Attack Feeds
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware  – The Hacker News
April 13, 2026
AttackFeed by Joe Wagner | AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.  - The Hacker News
Attack Feeds
AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.  – The Hacker News
June 2, 2026
AttackFeed by Joe Wagner | Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets  - The Hacker News
Attack Feeds
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets  – The Hacker News
March 12, 2026