rootkit – Computer Security Articles

Microsoft Revokes Malicious Drivers in Patch Tuesday Culling

July 11, 2023 admin 2023-07, anti-edr, drivers, drivers.stl, EDR, Featured, fivesys, fk_undead, fu rootkit, netfilter, Patch Tuesday, patches, rootkit, sophos x-ops, threat research, uac, wfp, windows filtering platform, Windows update

Credit to Author: Andrew Brandt| Date: Tue, 11 Jul 2023 17:20:38 +0000

In December 2022, Microsoft published their monthly Windows Update packages that included an advisory about malicious drivers, signed by Microsoft and other code-signing authorities, that Sophos X-Ops (and others) observed threat actors abusing during attacks. Today, Microsoft issued Security Advisory ADV230001 as part of their July Windows Update that addresses Sophos’ discovery of more than […]

Kaspersky Security

CosmicStrand rootkit hides in the UEFI firmware | Kaspersky official blog

July 26, 2022 admin cosmicstrand, GReAT, rootkit, Threats, uefi

Credit to Author: Julia Glazova| Date: Tue, 26 Jul 2022 17:10:51 +0000

We talk about the CosmicStrand rootkit, which tries to lie low in UEFI, the motherboard firmware.

Independent Krebs

The Link Between AWM Proxy & the Glupteba Botnet

June 28, 2022 admin A Little Sunshine, alureon, awm proxy, Breadcrumbs, constella intelligence, dennstr, dmitry starovikov, domaintools, ESET, glupteba botnet, google, kaspersky lab, lycefer, meris, Ne'er-Do-Well News, pay-per-install, riley kilmer, rootkit, rsocks botnet, spur.us, tdl-4, tdss, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 28 Jun 2022 18:33:31 +0000

On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Security experts had long seen a link between Glupteba and AWM Proxy, but new research shows AWM Proxy’s founder is one of the men being sued by Google.

MalwareBytes Security

5 Linux malware families SMBs should protect themselves against

June 8, 2022 admin Botnet, Business, Linux Malware, ransomware, rootkit, SMB

Credit to Author: Bill Cozens| Date: Wed, 08 Jun 2022 13:43:32 +0000

In this post, we’ll give you an overview of five Linux malware families your SMB should be protecting itself against — and how they work.

The post 5 Linux malware families SMBs should protect themselves against appeared first on Malwarebytes Labs.

MalwareBytes Security

A week in security (March 21 – 27)

March 28, 2022 admin a week in security, avoslocker, elden ring, esports, Facebook, hp printer vulnerability, lapsus$, microsoft exchange server, Okta, phishing, protestware, ransomware, rootkit, White House

Credit to Author: Malwarebytes Labs| Date: Mon, 28 Mar 2022 10:17:58 +0000

The most important and interesting security stories from the last seven days.

The post A week in security (March 21 – 27) appeared first on Malwarebytes Labs.

MalwareBytes Security

A new rootkit comes to an ATM near you

March 22, 2022 admin ATM fraud, atm malware, atm rootkit, binbash, caketap, cybercrime, lightbasin, miglocleaner, rootkit, slapstick, steelcorgi, steelhound, sun4me, tinyshell, unc1945, unc2891, wingcrack, winghook, wiperight

Credit to Author: Jovi Umawing| Date: Tue, 22 Mar 2022 21:24:19 +0000

CAKETAP is a new rootkit that can run on ATM switch servers—and its not alone in its ATM attacks.

The post A new rootkit comes to an ATM near you appeared first on Malwarebytes Labs.

MalwareBytes Security

A week in security (January 13 – 19)

January 20, 2020 admin a week in security, apt40, Cisco, Citrix, data enrichment, deepfakes, elastic servers, emotet, rootkit, travelex, weleakinfo

Credit to Author: Malwarebytes Labs| Date: Mon, 20 Jan 2020 16:32:45 +0000

Our weekly security roundup for January 13-19, with a look at elastic servers, data enrichment, rootkits, regulation for deepfakes, and more.

Categories:

A week in security

Tags: apt40 Cisco citrix data enrichment deepfakes elastic servers emotet rootkit travelex weleakinfo

(Read more…)

The post A week in security (January 13 – 19) appeared first on Malwarebytes Labs.

MalwareBytes Security

How to prevent a rootkit attack

January 14, 2020 admin application rootkits, bootloader, firmware rootkits, hardware rootkits, How-tos, kernel rootkits, phishing, rootkit, rootkit attacks, Social engineering, virtualized rootkits

Credit to Author: Gilad Maayan| Date: Tue, 14 Jan 2020 17:31:55 +0000

Rootkit attacks are considered one of the most dangerous cyberthreats today. Learn what they are, how they infect systems, and how to protect against them.

Categories:

How-tos

Tags: application rootkits bootloader firmware rootkits hardware rootkits kernel rootkits phishing rootkit rootkit attacks Social Engineering virtualized rootkits

(Read more…)

The post How to prevent a rootkit attack appeared first on Malwarebytes Labs.

← Previous