Keep your eyes on these SECURITY articles! Network filter rootkit driver signed by Microsoft

released on 2021-06-21 @ 03:06:30 PM

Found a Microsoft signed file that turns out to be a WFP application layer enforcement callout driver that redirects traffic to a Chinese IP.

VERY IMPORTANT