Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. This is possible by taking control of ...
North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools, allowing them ...
Researchers warn that a Windows kernel privilege escalation in vulnerability fixed by Microsoft during the February Patch Tuesday was exploited in the wild as a zero-day by a North Korean threat actor ...
A Windows zero-day vulnerability recently patched by Microsoft was exploited by hackers working on behalf of the North Korean government so they could install custom malware that’s exceptionally ...
A distributed system of monitoring groups of computers using the same operating-system configuration can detect the changes wrought by rootkits following infection, a group of security researchers ...
A newly discovered rootkit may not be particularly threatening in itself, but its unique method of concealment could pave the way for more malicious exploits, researchers say. Symantec and F-Secure ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results