Date: 2023-07-13

Chinese hackers have been spotted using two open-source tools to sign and load malicious kernel-mode drivers on compromised endpoints. According to the cybersecurity researchers from Cisco Talos who spotted the campaign, this gives the attackers the highest possible privilege level. "This is a major threat, as access to the kernel provides complete access to a system, and therefore total compromise," they said in their analysis. The two open-source tools in question are called HookSignalTool and FuckCertVerifyTimeValidity. Both have been around for roughly five years and are available for download on GitHub. Their primary function was to allow gaming cheaters to...