April 01, 2025 Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream Attack matches three-year long pattern of ScreenConnect attacks tracked by Sophos MDR as STAC4365. Security OperationsThreat Research
December 13, 2022 Signed driver malware moves up the software trust chain The criminals signed their AV-killer malware, closely related to one known as BURNTCIGAR, with a legitimate WHCP certificate Security OperationsThreat Research