kernel-exploitation

Qilin & Warlock Ransomware: Unmasking BYOVD Tactics to Silence EDRs and Evade Detection

Qilin and Warlock ransomware exploit vulnerable drivers (BYOVD) to disable over 300 EDR tools, achieving kernel-level persistence and evasion.

Kernel-Level Cryptojacking: Unpacking a Driver-Exploiting XMRig Campaign

Deep dive into a cryptojacking campaign leveraging pirated software and a kernel driver for stealthy, persistent Monero mining.