WeLiveSecurity

FishMonger’s arsenal upgraded: SprySOCKS for Windows

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...
Dark Reading

SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection

FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in several countries.
The Hacker News

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

ESET found two Windows SprySOCKS variants with 30+ commands, C2 over TCP, UDP, and WebSocket, and government targets in 4 ...
CRN

CrowdStrike: Microsoft’s Windows Kernel Update Process ‘Was Followed’

In a statement responding to CRN’s interview with SentinelOne CEO Tomer Weingarten, CrowdStrike says that its July 19 update did not bypass Microsoft’s ‘clear kernel review process.’ CrowdStrike said ...
The Verge

Microsoft is building new Windows security features to prevent another CrowdStrike incident

There’s no talk of locking down the Windows kernel just yet, but Microsoft clearly wants to move endpoint security systems out of there. There’s no talk of locking down the Windows kernel just yet, ...