Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
IEEE

Fileless Malware Threats: Evaluating Machine Learning Algorithms for Anomaly Detection

Abstract: Fileless malware is an advanced cybersecurity threat that utilizes trusted system modules to execute itself without leaving traces detectable by traditional antivirus software. Detecting ...

Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell ...