GentleKiller Framework Disables Victims' Security Software
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates
20 articles
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates
The Prinz Eugen threat actor employs a hands-on-keyboard approach, leveraging legitimate remote monitoring and management (RMM) software and living-off-the-l...
It’s Monday again. This week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down...
In the fast-paced digital world of 2026, cyberattacks are no longer a matter of if, but when. The increasing sophistication of threats like ransomware, phish...
A customer compromised by a newly observed ransomware family we attribute to the Prinz Eugen group. The encryptor is a purpose-built Go binary that departs f...
Attacks on AI systems and disinformation starred as key elements of a ransomware tabletop exercise CSO participated in during this month’s Infosecurity Europ...
A new report from INTERPOL has revealed a "dramatic increase" in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetrati...
A new ransomware operation named 'Prinz Eugen' prioritizes recently modified files for encryption and leaves no ransom note on the system. [.
An analysis of the Gentlemen ransomware-as-a-service (RaaS) operation has revealed a sophisticated, centralized approach to neutralizing endpoint detection a...
One of the world’s top ransomware groups has given its criminal affiliates access to advanced tools capable of successfully disabling many of today’s enterpr...
The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that i...
SocGholish malware has been removed from 15,000 sites associated with Evil Corp hackers
INC has matured from an emerging RaaS operation into one of 2026’s most active ransomware families, claiming more than 800 victims since 2023 and capitalizin...
The Gentlemen ransomware-as-a-service (RaaS) is actively developing and maintaining a suite of endpoint detection and response (EDR) killers to help affiliat...
Mackay Sugar said it was "working urgently" to verify claims that a highly active ransomware group was behind a cyberattack that shut down harvesting and mil...
Cybersecurity researchers have charted the evolution of INC from an nascent ransomware-as-a-service (RaaS) operation to one of the most prolific cybercrime g...
Threat actors associated with the DragonForce ransomware have been observed using a custom Go-based remote access trojan (RAT) called Backdoor.Turn to concea...
DragonForce ransomware abused Microsoft Teams relay systems to hide a custom backdoor, steal files and encrypt systems at a US services firm.
DragonForce ransomware abused Microsoft Teams relay infrastructure to hide C2 traffic.
DragonForce hid for months by routing malware traffic through Microsoft Teams infrastructure, masking C2 activity and evading network detection. DragonForce ...