TDL4 Rootkit Bypasses Windows Code-Signing Protection

The TDL4 rootkit is the latest version of an older rootkit also known as TDSS and Alureon. The rootkit evades a protection in Windows 7 and Windows Vista that requires kernel-level code loaded onto a machine to be signed. The malware evades this protection by changing the boot process on protected machines, an analysis by Sunbelt Software says. Microsoft says the rootkit does not actually bypass the protection because it doesn't inspect all loaded drivers, only the code used by the kernel.

Source: https://threatpost.com/tdl4-rootkit-bypasses-windows-code-signing-protection-111610/74676/
