Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
Computerworld

Using DISM to install Windows updates

Windows’ built-in Deployment Image Servicing and Management (DISM) command, a.k.a. dism.exe, is something of a Swiss Army knife when it comes to working on Windows OS images. Among its many ...