- Microsoft is revamping the reviled Windows 11 Start menu - here's a sneak peek
- I test sleep trackers for a living: 5 tricks they've taught me for getting better rest
- The Turing Test has a problem - and OpenAI's GPT-4.5 just exposed it
- This Android smartwatch undercuts what Samsung and Google offer - and it's better in ways
- Gemini Pro 2.5 is a stunningly capable coding assistant - and a big threat to ChatGPT
Chinese cyberespionage group deploys custom backdoors on Juniper routers
Junos OS provides administrators with a custom command-line interface (CLI) that allows issuing Junos specific commands, but also the ability to switch to the underlying FreeBSD shell and use the general FreeBSD command-line tools and programs.
The OS also implements a modified variant of the NetBSD Verified Exec (veriexec), a kernel-based file integrity verification subsystem whose goal is to protect against the execution of unauthorized binaries. As such, deploying and running any malware implant requires a bypass of this feature or disabling it entirely, which could raise alerts.
UNC3886 developed a complex process injection technique in order to bypass variexec by creating a hung process using the built-in and legitimate cat utility, writing a malicious shellcode loader to specific memory locations assigned to the cat process and then tricking the process to execute that code. Since the malicious code execution happened through a trusted process, variexec was bypassed.
