Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
Network World

Digging out new rootkits

These attacker tools have become stealthier than ever. Even so, they may not require specialized protection. Talk of , favorite attacker tools for compromising computer systems without detection, has ...
CSOonline

BLACK HAT : Hackers Find a New Place to Hide Rootkits

Security researchers have developed a new type of malicious rootkit software that hides itself in an obscure part of a computer’s microprocessor, hidden from current antivirus products. Called a ...
Forbes

Windows Rootkit Warning As Obscure#Bat Hides Malicious Files

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. As if Windows users need any more bad news on the security ...
CSOonline

Sophisticated UEFI rootkit of Chinese origin shows up again in the wild after 3 years

A sophisticated rootkit that’s able to insert itself into the lowest levels of Windows computers — the motherboard firmware — has been making victims since 2020 after disappearing from the radar for ...
Dark Reading

Microsoft Refining Third-Party Driver Vetting Processes After Signing Malicious Rootkit

Microsoft is refining its policies and processes for certifying drivers through its Windows Hardware Compatibility Program (WHCP) after a recent incident in which the company appears to have ...