A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.

Rootkits are powerful malware, actually a bunch of them together, that even your antivirus may find it hard to detect and remove from your system. Rootkits can be manually put inside the system with ...

The China-linked Mustang Panda APT has been using a kernel-mode rootkit in attacks leading to ToneShell backdoor deployments.

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...

To defend against the new attacks, the researchers advise memory forensics as the number one way of spotting ToneShell ...

There are a lot of malware programs in the wild today, but luckily we have methods of detecting and removing them. Antivirus is an old standby, and if that fails you can always just reformat the hard ...

Update, 9 October 2018: The remediation section of the white paper contained inaccurate information. Secure Boot doesn't protect against the UEFI rootkit described in this research. We advise that you ...

Dr. Chris Hillman, Global AI Lead at Teradata, joins eSpeaks to explore why open data ecosystems are becoming essential for enterprise AI success. In this episode, he breaks down how openness — in ...

A new Linux kernel rootkit dubbed ‘syslogk’ has been spotted in the wild by Avast cybersecurity researchers. According to an advisory by David Álvarez and Jan Neduchal, syslogk would be able to cloak ...

Trend Micro has quietly released a rootkit scanning/cleaning utility, belatedly joining the list of anti-vendors pushing out free standalone tools to nab the stealthy computer threats. Trend Micro's ...

Stealthy and multifunctional Linux malware that has been infecting telecommunications companies went largely unnoticed for two years until being documented for the first time by researchers on ...