Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
GhostEmperor: From ProxyLogon to kernel mode
Threat Actors
September 30, 2021
Kaspersky Labs
GhostEmperor uses a formerly unknown Windows kernel mode rootkit dubbed Demodex and a sophisticated multi-stage malware framework aimed at providing remote control over the attacked servers.
Read More
GhostEmperor
Demodex
Microsoft Exchange Server
Windows Kernel Mode
Rootkit Attack
Publisher
Previous
SecZetta Announces $20.5 Million Series B Funding
Companies to Watch
Next
S2W raised over $10M of Series B funding
Companies to Watch
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_182278607.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock_82918505_MEDIUM.jpg)
