Researchers discovered a cybersecurity campaign exploiting a loophole in a Windows policy to deploy malware undetected. The attack uses an old driver, Truesight.sys (version 2.0.2), from Adlice’s RogueKiller Antirootkit suite, known for containing vulnerabilities that bypass security measures. Attackers manipulated the driver’s digital signature to avoid detection, creating over 2,500 variants. The campaign, active since 2024, mainly targets China and exploits Microsoft’s past exception allowing older drivers to load on newer Windows versions. Microsoft has now updated its driver blocklist to include all Truesight driver variants.
Hawaiian Airlines Cyber Attack: Reservation Systems Hit, Flights Continue – Beat of Hawaii
Summarize this content to a maximum of 60 words: Hawaiian Airlines Cyber Attack: Reservation Systems Hit, Flights Continue Beat of Hawaii
