#ToneShell

CyberMaterial

@cybermaterial.bsky.social

2 months ago

Mustang Panda Uses Signed Rootkit
Read More: buff.ly/jrfVltj

#MustangPanda #ChinaAPT #SignedRootkit #TONESHELL #CyberEspionage #AdvancedPersistentThreat #ThreatIntel #NationStateCyber #EndpointEvasion

The New Oil

@thenewoil.org

2 months ago

Chinese state hackers use rootkit to hide ToneShell malware activity A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.

Chinese state hackers use #rootkit to hide #ToneShell #malware activity

www.bleepingcomputer.com/news/security/chinese-st...

#China #cybersecurity

Hackread.com

@hackread.bsky.social

2 months ago

HoneyMyte (aka Mustang Panda) Deploys ToneShell Backdoor in New Attacks Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

HoneyMyte aka Mustang Panda is using a signed rootkit to drop the #ToneShell backdoor in ongoing attacks, hiding its activity from security tools and giving attackers remote access to system.

Read: hackread.com/honeymyte-mu...

#CyberSecurity #HoneyMyte #MustangPanda #Malware

ReconBee

@reconbee.bsky.social

2 months ago

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor retrieve next-stage malware onto infected machines read more about Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor reconbee.com/mustang-pand...

#mustangpanda #kernel #rootkit #TONESHELLbackdoor #TONESHELL #CybersecurityNews #cyberattack

Rene Robichaud

@neroqc.bsky.social

6 months ago

New ToneShell Backdoor With New Features Leverage Task Scheduler COM Service for Persistence Since its first appearance earlier this year, the ToneShell backdoor has demonstrated a remarkable capacity for adaptation, toyed with by the Mustang Panda group to maintain an enduring foothold in ta...

New ToneShell Backdoor With New Features Leverage Task Scheduler COM Service for Persistence
cybersecuritynews.com/new-toneshel...

#Infosec #Security #Cybersecurity #CeptBiro #ToneShell #Backdoor #NewFeatures #TaskScheduler #COMService #Persistence

Pia

@cecallihelper.bsky.social

10 months ago

Latest Sophisticated Attacks and Key Vulnerabilities Explore the latest advancements in cybersecurity, highlighting sophisticated threats, critical vulnerabilities, and the importance of robust security measures to protect sensitive sectors globally.

"Infrastructure risks have also been prominent, w/vulnerabilities in ASUS routers & critical ICS devices from Schneider Electric & Yokogawa exposing sectors like #energy & manufacturing to..." digitalfrontierpartners.com.au/news/latest-... RU #APT29 Android #NFC China #UNC5221 #SNOWLIGHT #TONESHELL

Kevin Thomas

@mytechnotalent.bsky.social

1 year ago

Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks Mustang Panda exploits MAVInject.exe to evade ESET detection, using EA files to sideload TONESHELL backdoor for persistent cyber espionage.

Mustang Panda is using MAVInject.exe to inject malware into waitfor.exe, bypassing ESET with a TONESHELL backdoor.

Memorizing policies and chasing non-technical certs won’t stop real attackers.

#CyberSecurity #ThreatHunting #APT #MAVInject #TONESHELL

thehackernews.com/2025/02/chin...

Cipher Tech Solutions

@ciphertech.bsky.social

2 years ago

Another round of release notes is available for this month. See it here: www.ciphertechsolutions.com/acce-release... #ToneShell #DiceLoader #XPhase #Pikabot #HodeRAT