Microsoft has confirmed that it has signed off on the recently discovered "rootkit malware" found on the Windows platform, which is believed to be a potential point of access for threat actors. The ...

The China-linked Mustang Panda APT has been using a kernel-mode rootkit in attacks leading to ToneShell backdoor deployments.

When combined with Web threats, the new rootkit is proving to be both a destructive and prolific combination, security experts say. The rootkit models a similar virus from several years ago but with ...

The driver, called “Netfilter,” is a rootkit that talks to Chinese C2 IPs and aims to spoof gamers’ geo-locations to cheat the system and play from anywhere, Microsoft said. Microsoft signed a driver ...

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.

Multiple malicious installers were delivering the same Purple Fox rootkit version using the same attack chain, possibly distributed via email or phishing sites. A malicious Telegram instant-messaging ...

Rootkits are becoming more prevalent and difficult to detect, and security vendor McAfee claims the blame falls squarely on the open-source community. In its “Rootkits” report being published Monday , ...

Security researchers discovered a remote access trojan they named Krasue that is targeting Linux systems of telecommunications companies and managed to remain undetected since 2021. They found that ...

Sophos PLC has released a free tool to help PC users root out rootkits. Called Sophos Anti-Rootkit, the software will detect and remove both known and unknown rootkits, and it will also warn system ...