hinoshiba
commented
1 year ago This issue is stale because it has been open 1 day with no activity. Remove stale label or comment or this will be closed in 1 day.
Closed hinoshiba closed 1 year ago
hinoshiba
commented
1 year ago This issue is stale because it has been open 1 day with no activity. Remove stale label or comment or this will be closed in 1 day.
hinoshiba
commented
1 year ago This issue was closed because it has been stale with no activity.
A Microsoft Windows policy loophole has been observed being exploited primarily by native Chinese-speaking threat actors to forge signatures on kernel-mode drivers. "Actors are leveraging multiple open-source tools that alter the signing date of kernel mode drivers to load malicious and unverified drivers signed with expired certificates," Cisco Talos said in an exhaustive two-part report shared
https://thehackernews.com/2023/07/hackers-exploit-windows-policy-loophole.html