Cybernews

Chinese state hackers plant malware inside Windows

The Chinese-linked group Mustang Panda used a kernel-level rootkit to deploy undetectable TONESHELL malware, targeting ...

Researchers identify new ToneShell backdoor targeting government agencies

To defend against the new attacks, the researchers advise memory forensics as the number one way of spotting ToneShell infections. They also shared a list of indicators of compromise (IoC) which can ...

Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
XDA Developers on MSN

Docker Desktop is convenient, but native containers taught me how Docker actually works

Docker Desktop features a simplified security context that masks many errors and failures behind the veil of a VM. Even ...
Infosecurity-magazine.com

Microsoft Fixes Windows Kernel Zero Day in November Patch Tuesday

Microsoft issued security updates to fix over 60 CVEs in the November Patch Tuesday yesterday, including one being actively exploited in the wild. No public proof-of-concept has been released for ...
Linux Journal

Windows 11 Powers Up WSL: How GPU Acceleration & Kernel Upgrades Change the Game

Windows Subsystem for Linux (WSL) has gradually become one of Microsoft’s key bridges for developers, data scientists, and power users who need Linux compatibility without leaving the Windows ...
CSOonline

Microsoft hints at revoking access to the Windows kernel — eventually

A new Microsoft announcement suggests it has found a way to deliver kernel-level visibility and capabilities to apps running in user mode. Experts conclude a ban on kernel access for cybersecurity ...
TechSpot

The Windows kernel is about to receive a security-focused redesign after CrowdStrike crash

Why it matters: The kernel space is the core component of a computer operating system, where critical hardware management and device driver code reside in memory. If a kernel-level driver malfunctions ...
Ars Technica

Microsoft changes Windows in attempt to prevent next CrowdStrike-style catastrophe

In the summer of 2024, corporate anti-malware provider CrowdStrike pushed a broken update to millions of PCs and servers running some version of Microsoft’s Windows software, taking down systems that ...
ZDNet

Microsoft rolls out Windows security changes to prevent another CrowdStrike meltdown

Last summer's CrowdStrike meltdown was a nightmare for network administrators worldwide, disrupting healthcare systems, cutting off access to banking systems, and grounding aircraft. All in all, the ...
The Verge

Microsoft is moving antivirus providers out of the Windows kernel

Microsoft is ready to test Windows changes to prevent another CrowdStrike incident. Microsoft is ready to test Windows changes to prevent another CrowdStrike incident. is a senior editor and author of ...