Kernel-level – Experimental News Clipping Site

The Register: Ransomware crews don’t care about your endpoint security – they’ve already killed it

Aug 14, 2025

—

by

Source URL: https://www.theregister.com/2025/08/14/edr_killers_ransomware/ Source: The Register Title: Ransomware crews don’t care about your endpoint security – they’ve already killed it Feedly Summary: Some custom malware, some legit software tools At least a dozen ransomware gangs have incorporated kernel-level EDR killers into their malware arsenal, allowing them to bypass almost every major endpoint security tool on…

Cloud Blog: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944

Jul 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/defending-vsphere-from-unc3944/ Source: Cloud Blog Title: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 Feedly Summary: Introduction In mid 2025, Google Threat Intelligence Group (GITG) identified a sophisticated and aggressive cyber campaign targeting multiple industries, including retail, airline, and insurance. This was the work of UNC3944, a financially motivated threat…

Cloud Blog: How to enable Secure Boot for your AI workloads

Jul 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/how-to-enable-secure-boot-for-your-ai-workloads/ Source: Cloud Blog Title: How to enable Secure Boot for your AI workloads Feedly Summary: As organizations race to deploy powerful GPU-accelerated workloads, they might overlook a foundational step: ensuring the integrity of the system from the very moment it turns on. Threat actors, however, have not overlooked this. They increasingly target…

Cisco Talos Blog: Decrement by one to rule them all: AsIO3.sys driver exploitation

Jun 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/decrement-by-one-to-rule-them-all/ Source: Cisco Talos Blog Title: Decrement by one to rule them all: AsIO3.sys driver exploitation Feedly Summary: Cisco Talos uncovered and analyzed two critical vulnerabilities in ASUS’ AsIO3.sys driver, highlighting serious security risks and the importance of robust driver design. AI Summary and Description: Yes Summary: The text reveals critical vulnerabilities in…

CSA: Overlooked Foundation of Zero Trust

May 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloudsecurityalliance.org/articles/integrity-an-overlooked-foundation-of-zero-trust Source: CSA Title: Overlooked Foundation of Zero Trust Feedly Summary: AI Summary and Description: Yes **Summary:** The text discusses the critical importance of Kernel Runtime Integrity within Zero Trust security models. It highlights that while many organizations adopt Zero Trust architectures focusing on user identity and network segmentation, the integrity of the…

Slashdot: How Riot Games is Fighting the War Against Video Game Hackers

May 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://games.slashdot.org/story/25/05/06/0031241/how-riot-games-is-fighting-the-war-against-video-game-hackers?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: How Riot Games is Fighting the War Against Video Game Hackers Feedly Summary: AI Summary and Description: Yes Summary: Riot Games has successfully reduced cheating in Valorant to under 1% of ranked games by employing an advanced kernel-level anti-cheat system called Vanguard. The system leverages various security features and…

Cloud Blog: Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis

Apr 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends/ Source: Cloud Blog Title: Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis Feedly Summary: Written by: Casey Charrier, James Sadowski, Clement Lecigne, Vlad Stolyarov Executive Summary Google Threat Intelligence Group (GTIG) tracked 75 zero-day vulnerabilities exploited in the wild in 2024, a decrease from the number we identified in 2023…

Hacker News: Landrun: Sandbox any Linux process using Landlock, no root or containers

Mar 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://github.com/Zouuup/landrun Source: Hacker News Title: Landrun: Sandbox any Linux process using Landlock, no root or containers Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a lightweight and secure sandboxing tool called Landrun, built on the Landlock LSM introduced in Linux. This tool provides advanced access control features for Linux…

Hacker News: A powerful free and open source WAF – UUSEC WAF

Mar 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://github.com/Safe3/uuWAF Source: Hacker News Title: A powerful free and open source WAF – UUSEC WAF Feedly Summary: Comments AI Summary and Description: Yes Summary: The text describes the UUSEC WAF, a web application firewall that employs advanced machine learning techniques and multi-layered defense strategies to combat web vulnerabilities and enhance security. Its innovative…

Slashdot: Windows Defender Now Flags WinRing0 Driver as Security Threat, Breaking Multiple PC Monitoring Tools

Mar 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/03/14/1351225/windows-defender-now-flags-winring0-driver-as-security-threat-breaking-multiple-pc-monitoring-tools?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Windows Defender Now Flags WinRing0 Driver as Security Threat, Breaking Multiple PC Monitoring Tools Feedly Summary: AI Summary and Description: Yes Summary: The text discusses Windows Defender’s identification of WinRing0, a kernel-level driver, as malicious software. This is significant for professionals in system security as it highlights emerging vulnerabilities…

Tag: Kernel-level