How a legitimate and signed driver left the doors open to threats – Week in Security with Tony Anscombe
- by nlqip
Video
A purported ad blocker marketed as a security solution hides kernel-level malware that inadvertently exposes victims to even more dangerous threats
21 Jul 2024
This week, ESET researchers have released their findings about HotPage, a browser injector that leverages a driver developed by a Chinese company and signed by Microsoft.
The malware masquerades as an “Internet café security solution” with ad-blocking capabilities. In reality, however, it displays game-related ads and can modify or replace the contents of a requested page, redirect the user to another page, or open a new page in a new tab based on certain conditions.
What’s more, it also inadvertently leaves the door open for other threats to run code at the highest privilege level in Windows – the SYSTEM account.
Watch as Tony dives into the story and explains how certificate abuse is still a hot issue.
Connect with us on Facebook, Twitter, LinkedIn and Instagram.
Source link
lol
Video A purported ad blocker marketed as a security solution hides kernel-level malware that inadvertently exposes victims to even more dangerous threats 21 Jul 2024 This week, ESET researchers have released their findings about HotPage, a browser injector that leverages a driver developed by a Chinese company and signed by Microsoft. The malware masquerades as…
Recent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA