TDL4 Rootkit Bypasses Windows Code-Signing Protection

The TDL4 rootkit is the latest version of an older rootkit also known as TDSS and Alureon. The rootkit evades a protection in Windows 7 and Windows Vista that requires kernel-level code loaded onto a machine to be signed. The malware evades this protection by changing the boot process on protected machines, an analysis by Sunbelt Software says. Microsoft says the rootkit does not actually bypass the protection because it doesn't inspect all loaded drivers, only the code used by the kernel.

Source: https://threatpost.com/tdl4-rootkit-bypasses-windows-code-signing-protection-111610/74676/
