April 13, 2024

Chinese hackers were found to be using two open-source tools to sign and load malicious kernel-mode drivers on infected endpoints.

According to the Cisco Talos cybersecurity researchers who discovered the activity, this gives the attackers the highest possible privilege level. “This is a significant threat because access to the kernel provides complete access to the system and thus can cause outright compromise,” they said in their report. analyze.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *