Digitally-Signed Rootkits: FiveSys and Companions
More than a decade ago, rootkits were the apex predators of cybercrime.
These clandestine computer programs were built to offer attackers an uninterrupted foothold onto victims' computers and conceal malicious activities from the operating system as well as from antimalware solutions. For the past few months, Bitdefender researchers have seen a surge in malicious drivers with valid digital signatures issued through the WHQL signing process. FiveSys - a digitally signed rootkit that made its way through the driver certification process.
Featured Resources
blog
EscapeRoute: Breaking the Scope of Anthropic’s Filesystem MCP Server
(CVE-2025-53109 & CVE-2025-53110)
EXECUTIVE SUMMARY The Cymulate Research Labs is committed to advancing cybersecurity by scrutinizing emerging technologies and exposing hidden risks. Our
Solution Brief
Healthcare - Industry Brief
Healthcare Industry Under Attack Security leaders in the healthcare industry face significant challenges as threat actors target valuable data and
blog
AI Threat Detection: Supercharging Cyber Defenses with Intelligence & Scale
Security teams face an onslaught of ever-evolving threats, bloated alert queues and sprawling attack surfaces. Manual detection and periodic pen