Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Plume Security, Inc

Plume Security, Inc Vendor Cyber Rating & Cyber Score

ransomstop.com

Our flagship solution, RansomStop, stops ransomware attacks for any business. Our differentiated solution is an automated and preventative solution by offering Real-time Protection, Not Just Detection. We are solving a real world problem, not simply developing a product.


PSI A.I CyberSecurity Scoring

PSI
Company Information
Website:https://www.ransomstop.com/
Employees number:10
Number of followers:154
NAICS:
Industry Type:Data Security Software Products
Homepage:ransomstop.com
PSI Risk Score (AI oriented)
Between 0 and 549
logo
PSIData Security Software Products
Updated:
02/04/2026
513/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
PSI Global Score (TPRM)
xxxx
logo
PSIData Security Software Products
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

PSI
PSICritical
Current Score
513C (CRITICAL)
01000
1 incidents
-97 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
664Before Incident
JUNE 2026
663Before Incident
MAY 2026
661Before Incident
APRIL 2026
513Before Incident
MARCH 2026
754Before Incident
Ransomware
20 Mar 2026PSI
RansomHouse, DragonForce and MedusaLocker: Ransomware Actors Expand EDR Killer Tactics Beyond Vulnerable Drivers

Ransomware Attackers Evolve Tactics to Disable Endpoint Security

657After Incident
CRITICAL-97
PLUUNIDRA1774009537
Ransomware Attackers Evolve Tactics to Disable Endpoint Security Ransomware operators have expanded their methods to bypass endpoint security, moving beyond the traditional Bring Your Own Vulnerable Driver (BYOVD) technique. While BYOVD remains in use with 54 tools exploiting 35 vulnerable drivers attackers now employ script-based tools, misuse legitimate anti-rootkit software, and deploy fully driverless techniques to neutralize security defenses before encryption. This shift prioritizes reliability, allowing ransomware affiliates to disable Endpoint Detection and Response (EDR) systems quickly rather than evading detection. Research from ESET, based on telemetry and incident investigations, identified nearly 90 active EDR killers used by major ransomware groups, including Akira, Medusa, Qilin, RansomHouse, and DragonForce. Many of these tools are commercially traded in underground marketplaces, reflecting a mature, profit-driven ecosystem. Among the most prevalent tools is AbyssKiller, which combines the ABYSSWORKER rootkit with a HeartCrypt-packed loader, and CardSpaceKiller, frequently used by Akira, Medusa, and MedusaLocker. These tools leverage obfuscation techniques such as VX Crypt and VMProtect to evade detection, while others like SmilingKiller use control-flow flattening to complicate analysis. Some groups, like Warlock, deploy multiple EDR killers in succession, with recent samples showing signs of AI-assisted code generation. Attackers often separate the EDR killer from its driver, manually installing the driver first to ensure functionality before executing the payload. This division of labor makes defense evasion more accessible, even to less skilled threat actors. The focus on disabling security tools rather than making encryptors stealthy has become the primary method for ensuring successful ransomware execution. The impact is severe: victims face attacks where security measures are rendered ineffective before encryption begins. While driver blocking remains a necessary defense, organizations must also monitor for suspicious driver installations, enforce least-privilege access, and maintain strong endpoint telemetry to mitigate these evolving threats.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain (ransomware execution, data encryption)
IMPACT
Systems Affected: Endpoint Detection and Response (EDR) systems, victim endpointsOperational Impact: Security measures disabled before encryption, increased attack success rate
DATA BREACH
Data Encryption: Yes (ransomware encryption)
FEBRUARY 2026
754Before Incident
JANUARY 2026
754Before Incident
DECEMBER 2025
754Before Incident
NOVEMBER 2025
754Before Incident
OCTOBER 2025
754Before Incident
SEPTEMBER 2025
754Before Incident
AUGUST 2025
754Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for PSI ?
?
What was PSI's A.I Rankiteo Cyber Score in June 2026 ?
?
What was PSI's A.I Rankiteo Cyber Score in May 2026 ?
?
What was PSI's A.I Rankiteo Cyber Score in April 2026 ?
?
What was PSI's A.I Rankiteo Cyber Score in March 2026 ?
?
What was PSI's A.I Rankiteo Cyber Score in February 2026 ?
?
What was PSI's A.I Rankiteo Cyber Score in January 2026 ?
?
What was PSI's A.I Rankiteo Cyber Score in December 2025 ?
?
What was PSI's A.I Rankiteo Cyber Score in November 2025 ?
?
What was PSI's A.I Rankiteo Cyber Score in October 2025 ?
?
What was PSI's A.I Rankiteo Cyber Score in September 2025 ?
?
What was PSI's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on PSI's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with PSI ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view PSI's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?