Tag: rootkit

  • Krebs on Security: Microsoft Patch Tuesday, February 2025 Edition

    Source URL: https://krebsonsecurity.com/2025/02/microsoft-patch-tuesday-february-2025-edition/
    Source: Krebs on Security
    Title: Microsoft Patch Tuesday, February 2025 Edition
    Feedly Summary: Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited.
    AI Summary and Description: Yes
    Summary: Microsoft has issued crucial updates…

  • The Register: One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers

    Source URL: https://www.theregister.com/2025/01/23/proxylogon_flaw_salt_typhoons_open/
    Source: The Register
    Title: One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers
    Feedly Summary: But we mean, you’ve had nearly four years to patch
    One of the critical security flaws exploited by China’s Salt Typhoon to breach US telecom and government networks has had a…

  • Microsoft Security Blog: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/01/13/analyzing-cve-2024-44243-a-macos-system-integrity-protection-bypass-through-kernel-extensions/
    Source: Microsoft Security Blog
    Title: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions
    Feedly Summary: Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persistent…

  • Hacker News: Bootkitty: Analyzing the first UEFI bootkit for Linux

    Source URL: https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/
    Source: Hacker News
    Title: Bootkitty: Analyzing the first UEFI bootkit for Linux
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: The text discusses the emergence of “Bootkitty,” the first UEFI bootkit targeting Linux systems, highlighting its implications for security professionals in AI, cloud, and infrastructure. This new threat reflects an evolving…

  • The Register: Salt Typhoon’s surge extends far beyond US telcos

    Source URL: https://www.theregister.com/2024/11/27/salt_typhoons_us_telcos/
    Source: The Register
    Title: Salt Typhoon’s surge extends far beyond US telcos
    Feedly Summary: Plus, a brand-new backdoor, GhostSpider, is linked to the cyber-spy crew’s operations
    The reach of the China-linked Salt Typhoon gang extends beyond American telecommunications giants, and its arsenal includes several backdoors, including a brand-new malware dubbed GhostSpider, according…

  • Hacker News: Security researchers identify new malware targeting Linux

    Source URL: https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/
    Source: Hacker News
    Title: Security researchers identify new malware targeting Linux
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: ESET researchers have revealed the emergence of Linux malware associated with the Gelsemium APT group, marking a significant shift in their tactics as they move beyond Windows-targeted malware. The malware includes notable…

  • Slashdot: D-Link Tells Users To Trash Old VPN Routers Over Bug Too Dangerous To Identify

    Source URL: https://it.slashdot.org/story/24/11/20/189224/d-link-tells-users-to-trash-old-vpn-routers-over-bug-too-dangerous-to-identify?utm_source=rss1.0mainlinkanon&utm_medium=feed
    Source: Slashdot
    Title: D-Link Tells Users To Trash Old VPN Routers Over Bug Too Dangerous To Identify
    Feedly Summary:
    AI Summary and Description: Yes
    Summary: D-Link has advised users of older VPN routers to replace their devices due to a serious remote code execution vulnerability. This issue exemplifies the critical security risks…

  • The Register: D-Link tells users to trash old VPN routers over bug too dangerous to identify

    Source URL: https://www.theregister.com/2024/11/20/dlink_rip_replace_router/
    Source: The Register
    Title: D-Link tells users to trash old VPN routers over bug too dangerous to identify
    Feedly Summary: Vendor offers 20% discount on new model, but not patches
    Owners of older models of D-Link VPN routers are being told to retire and replace their devices following the disclosure of a…

  • Hacker News: New Windows Driver Signature bypass allows kernel rootkit installs

    Source URL: https://www.bleepingcomputer.com/news/security/new-windows-driver-signature-bypass-allows-kernel-rootkit-installs/
    Source: Hacker News
    Title: New Windows Driver Signature bypass allows kernel rootkit installs
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: The text discusses a vulnerability in Windows kernel security that allows attackers to downgrade kernel components, circumventing security measures like Driver Signature Enforcement (DSE). Despite the advancements in kernel security,…

  • Schneier on Security: Perfectl Malware

    Source URL: https://www.schneier.com/blog/archives/2024/10/perfectl-malware.html
    Source: Schneier on Security
    Title: Perfectl Malware
    Feedly Summary: Perfectl is an impressive piece of malware: The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua…