{"id":7679,"date":"2026-04-06T11:11:33","date_gmt":"2026-04-06T11:11:33","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/04\/06\/qilin-and-warlock-ransomware-use-vulnerable-drivers-to-disable-300-edr-tools\/"},"modified":"2026-04-06T11:11:33","modified_gmt":"2026-04-06T11:11:33","slug":"qilin-and-warlock-ransomware-use-vulnerable-drivers-to-disable-300-edr-tools","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/04\/06\/qilin-and-warlock-ransomware-use-vulnerable-drivers-to-disable-300-edr-tools\/","title":{"rendered":"Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools"},"content":{"rendered":"

\u200bThreat actors associated\u00a0with Qilin\u00a0and Warlock ransomware operations\u00a0have been\u00a0observed using the bring your own vulnerable driver\u00a0(BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend\u00a0Micro.
\nQilin attacks analyzed by Talos\u00a0have been\u00a0found to deploy a malicious DLL named “msimg32.dll,”\u00a0Threat actors associated\u00a0with Qilin\u00a0and Warlock ransomware operations\u00a0have been\u00a0observed using the bring your own vulnerable driver\u00a0(BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend\u00a0Micro.
\nQilin attacks analyzed by Talos\u00a0have been\u00a0found to deploy a malicious DLL named “msimg32.dll,”\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"

\u200bThreat actors associated\u00a0with Qilin\u00a0and Warlock ransomware operations\u00a0have been\u00a0observed using the bring your own vulnerable driver\u00a0(BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend\u00a0Micro. Qilin attacks analyzed by Talos\u00a0have been\u00a0found to deploy a malicious DLL named “msimg32.dll,”\u00a0Threat actors associated\u00a0with Qilin\u00a0and Warlock ransomware operations\u00a0have been\u00a0observed using the bring… Read More »Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":7680,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7679"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=7679"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7679\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/7680"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=7679"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=7679"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=7679"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}