Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
The Hacker News

⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More

This weekly recap brings those stories together in one place. No overload, no noise. Read on to see what shaped the threat ...
IEEE

Fileless Malware Threats: Evaluating Machine Learning Algorithms for Anomaly Detection

Abstract: Fileless malware is an advanced cybersecurity threat that utilizes trusted system modules to execute itself without leaving traces detectable by traditional antivirus software. Detecting ...

Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell ...
CSO Online

Webrat turns GitHub PoCs into a malware trap

The known RAT aimed at gamers is now targeting security professionals searching GitHub for PoCs and exploit codes.