The Hacker News

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...
SecurityWeek

Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit

The China-linked Mustang Panda APT has been using a kernel-mode rootkit in attacks leading to ToneShell backdoor deployments.

Researchers identify new ToneShell backdoor targeting government agencies

To defend against the new attacks, the researchers advise memory forensics as the number one way of spotting ToneShell ...

Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
TechRepublic

Cisco Talos Reports Microsoft Windows Policy Loophole Being Exploited by Threat Actor

Cisco Talos Reports Microsoft Windows Policy Loophole Being Exploited by Threat Actor Your email has been sent Why malicious kernel-mode drivers are a severe threat Tools to exploit the loophole have ...
PC Gamer

Call of Duty: Warzone players are too fed up with cheaters to protest kernel level anti-cheat

The new Call of Duty: Warzone anti-cheat system, called Ricochet, will include a kernel-mode driver that gives Activision the ability to access any bit of memory on your PC. Reddit user t_hugs3 seemed ...