SecurityWeek

Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit

The China-linked Mustang Panda APT has been using a kernel-mode rootkit in attacks leading to ToneShell backdoor deployments.
The Hacker News

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...

Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
PC Magazine

kernel mode

The operating system mode. Processors operate either in kernel mode or "user mode." Also called "supervisor mode," the kernel mode enables the OS (kernel) to execute "privileged instructions," which ...
Ars Technica

IIS 7 kernel vs user mode caching

perfmon says that 'Kernel Current URIs Cached = 2 (average) and that 'Output Cache Current Items' = 3000-4000 (average) I think that this means that almost all of the objects are in the User Mode ...
CRN

Microsoft Exec: Windows Will Enable Security Tools To Run ‘Outside Of Kernel Mode’

Following the massive Windows outage in July caused by a defective CrowdStrike update, Microsoft is working on a way to allow security products to ‘run in user mode just as apps do,’ Microsoft’s David ...
Ars Technica

EA’s new anti-cheat tools dip into the dreaded “kernel mode”

EA announced its latest salvo in the endless cat-and-mouse battle of PC gaming cheat detection on Tuesday, and the effort prominently features one term sure to raise a red flag for some users: “kernel ...
TechSpot

Valorant's anti-cheat software loads kernel-based driver on system boot

Why it matters: When it comes to online multiplayer gaming, nobody likes a cheater, not even cheaters. Whether using external software to enhance their performance or just to troll other players, ...