Hackers exploit Windows policy vulnerability to forge Kernel-Mode driver signatures

Kernel mode driver signature

A Microsoft Windows policy vulnerability has been observed being exploited primarily by native Chinese-speaking threat actors to forge signatures on kernel-mode drivers. «Attackers are leveraging a variety of open-source tools that alter the signing date of kernel-mode drivers to load malicious and unverified drivers signed with expired certificates,» Cisco Talos said. know in a full … Leer más

New TOITOIN Banking Trojan Targets Latin American Businesses

Bank Trojan TOITOIN

July 10, 2023THINKINGEnterprise Security / Malware Businesses operating in Latin America (LATAM) have been targeted by a new Windows-based banking trojan called TOITOIN as of May 2023. «This sophisticated campaign uses a multi-stage infection chained trojan using specially crafted modules in each stage,» said Zscaler researchers Niraj Shivtarkar and Preet Kamal. «These modules are custom … Leer más