Hackers exploit Windows policy vulnerability to forge Kernel-Mode driver signatures

A Microsoft Windows policy vulnerability has been observed being exploited, primarily by native Chinese-speaking threat actors, to forge signatures on kernel-mode drivers. "Attackers are leveraging a variety of open-source tools that alter the signing date of kernel-mode drivers to load malicious and unverified drivers signed with expired certificates," Cisco Talos said. know in a full …