SecurityWeek

Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit

The China-linked Mustang Panda APT has been using a kernel-mode rootkit in attacks leading to ToneShell backdoor deployments.

Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.

Researchers identify new ToneShell backdoor targeting government agencies

To defend against the new attacks, the researchers advise memory forensics as the number one way of spotting ToneShell infections. They also shared a list of indicators of compromise (IoC) which can ...
The Hacker News

Search results for malware creation tool | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have reported an increase in TrueBot infections, primarily targeting Mexico, Brazil, Pakistan, and the U.S. Cisco Talos said the attackers behind the operation have moved ...