In August 2025, Trend Micro investigated a new ransomware campaign orchestrated by The Gentlemen, an emerging and previously undocumented threat group. This threat actor quickly established itself within the threat landscape by demonstrating advanced capabilities through their systematic compromise of enterprise environments.
By adapting their tools mid-campaign—shifting from generic anti-AV utilities to highly targeted, specific variants—the attackers demonstrate versatility and determination, posing a significant threat to organizations regardless of their security defenses. The campaign’s attack chain exposed several highly sophisticated and concerning tactics. Notably, the threat actor exploited legitimate drivers for defense evasion, abused Group Policy Objects (GPO) to facilitate domain-wide compromise, and deployed custom malicious tools designed to disable security solutions present in the environment.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Critical RCE Vulnerability Found in Cisco WebEx Extensions, Again — Patch Now!
July 17, 2017
A highly critical vulnerability has been discovered in the Cisco Systems’ WebEx browser extension for Chrome and Firefox, for the second time in this year, which could allow attackers to remotely execute malicious code on a victim’s computer. Cisco WebEx is a popular communication tool for online events, including meetings, webinars and video conferences that help ...
- NSA Advocates Data Sharing Framework
June 23, 2017
The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...