Post by Expel
The Gentlemen ransomware group may be new to the cybersecurity circuit, but they’re already demonstrating a level of sophistication worth putting on every leader’s radar. Here’s what Marcus Hutchins on the Expel Intel team found:

☑️ The group used a zero-day vulnerability to disable the target’s EDR.
☑️ The threat actor relies heavily on BYOVD-style attacks.
☑️ Our team captured & analyzed both the vulnerable driver & exploit code the threat actor used as a zero-day, which was not present in any public vulnerable driver blocklists.

Read the full technical deep-dive to understand this group better. It’s not the last you’ll be hearing of them: https://lnkd.in/gEPVwWjk