Dark Reading

SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection

FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in several countries.
The Hacker News

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

ESET found two Windows SprySOCKS variants with 30+ commands, C2 over TCP, UDP, and WebSocket, and government targets in 4 ...
WeLiveSecurity

FishMonger’s arsenal upgraded: SprySOCKS for Windows

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...
The Verge

Microsoft is building new Windows security features to prevent another CrowdStrike incident

There’s no talk of locking down the Windows kernel just yet, but Microsoft clearly wants to move endpoint security systems out of there. There’s no talk of locking down the Windows kernel just yet, ...
CRN

Analysis: Microsoft Won’t Evict Security Vendors From The Windows Kernel Anytime Soon

While Microsoft is taking steps to provide an alternative way for endpoint security vendors to operate in Windows following the massive July outage, there are no signs this new option will become ...
EurekAlert!

Windows kernel defenses aren't enough to stop a lucrative game cheating market – new study

Hackers commonly bypass Microsoft Windows kernel protections to enable cheating in competitive online games, new research shows. Academics at the University of Birmingham performed a technical ...