HoneyMyte (Mustang Panda) is back with a new ToneShell backdoor. Read how this stealthy attack blinds Microsoft Defender to target government entities in Asia.

The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor.

The post Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit appeared first on SecurityWeek.