Update, 9 October 2018: The remediation section of the white paper contained inaccurate information. Secure Boot doesn't protect against the UEFI rootkit described in this research. We advise that you ...

The Chinese-linked group Mustang Panda used a kernel-level rootkit to deploy undetectable TONESHELL malware, targeting ...

To defend against the new attacks, the researchers advise memory forensics as the number one way of spotting ToneShell infections. They also shared a list of indicators of compromise (IoC) which can ...

The China-linked Mustang Panda APT has been using a kernel-mode rootkit in attacks leading to ToneShell backdoor deployments.

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. As if Windows users need any more bad news on the security ...

A new loadable kernel module (LKM) rootkit has been spotted in the wild compromising Linux systems with advanced stealth and privilege escalation features. PUMAKIT, as called by the Elastic Security ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. The notorious and highly prolific North Korean Lazarus ...

Stealthy and multifunctional Linux malware that has been infecting telecommunications companies went largely unnoticed for two years until being documented for the first time by researchers on ...