Security researcher John Page (aka hyp3rlinx) specializes in finding bugs in malware and publishing them on his website and Twitter account. Recently he published a way to use those vulnerabilities to stop ransomware from encrypting files.
As it turns out, many forms of ransomware are susceptible to DLL hijacking. Normally, attackers use DLL hijacking to trick a program into loading a DLL file it isn’t supposed to which makes them run unwanted code. However, defenders can currently use the technique to hijack and partially block ransomware.