Experimental News Clipping Site

Tag: rootkit

  • Microsoft Security Blog: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions

    by

    Kurt Seifried
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/01/13/analyzing-cve-2024-44243-a-macos-system-integrity-protection-bypass-through-kernel-extensions/ Source: Microsoft Security Blog Title: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions Feedly Summary: Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persistent…

  • Hacker News: Bootkitty: Analyzing the first UEFI bootkit for Linux

    by

    system automation
    in

    Source URL: https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/ Source: Hacker News Title: Bootkitty: Analyzing the first UEFI bootkit for Linux Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the emergence of “Bootkitty,” the first UEFI bootkit targeting Linux systems, highlighting its implications for security professionals in AI, cloud, and infrastructure. This new threat reflects an evolving…

  • The Register: Salt Typhoon’s surge extends far beyond US telcos

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/27/salt_typhoons_us_telcos/ Source: The Register Title: Salt Typhoon’s surge extends far beyond US telcos Feedly Summary: Plus, a brand-new backdoor, GhostSpider, is linked to the cyber-spy crew’s operations The reach of the China-linked Salt Typhoon gang extends beyond American telecommunications giants, and its arsenal includes several backdoors, including a brand-new malware dubbed GhostSpider, according…

  • Hacker News: Security researchers identify new malware targeting Linux

    by

    system automation
    in

    Source URL: https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/ Source: Hacker News Title: Security researchers identify new malware targeting Linux Feedly Summary: Comments AI Summary and Description: Yes Summary: ESET researchers have revealed the emergence of Linux malware associated with the Gelsemium APT group, marking a significant shift in their tactics as they move beyond Windows-targeted malware. The malware includes notable…

  • Slashdot: D-Link Tells Users To Trash Old VPN Routers Over Bug Too Dangerous To Identify

    by

    system automation
    in

    Source URL: https://it.slashdot.org/story/24/11/20/189224/d-link-tells-users-to-trash-old-vpn-routers-over-bug-too-dangerous-to-identify?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: D-Link Tells Users To Trash Old VPN Routers Over Bug Too Dangerous To Identify Feedly Summary: AI Summary and Description: Yes Summary: D-Link has advised users of older VPN routers to replace their devices due to a serious remote code execution vulnerability. This issue exemplifies the critical security risks…

  • The Register: D-Link tells users to trash old VPN routers over bug too dangerous to identify

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/20/dlink_rip_replace_router/ Source: The Register Title: D-Link tells users to trash old VPN routers over bug too dangerous to identify Feedly Summary: Vendor offers 20% discount on new model, but not patches Owners of older models of D-Link VPN routers are being told to retire and replace their devices following the disclosure of a…

  • Hacker News: New Windows Driver Signature bypass allows kernel rootkit installs

    by

    system automation
    in

    Source URL: https://www.bleepingcomputer.com/news/security/new-windows-driver-signature-bypass-allows-kernel-rootkit-installs/ Source: Hacker News Title: New Windows Driver Signature bypass allows kernel rootkit installs Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a vulnerability in Windows kernel security that allows attackers to downgrade kernel components, circumventing security measures like Driver Signature Enforcement (DSE). Despite the advancements in kernel security,…

  • Schneier on Security: Perfectl Malware

    by

    system automation
    in

    Source URL: https://www.schneier.com/blog/archives/2024/10/perfectl-malware.html Source: Schneier on Security Title: Perfectl Malware Feedly Summary: Perfectl in an impressive piece of malware: The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua…

  • Wired: Stealthy Malware Has Infected Thousands of Linux Systems for Years

    by

    system automation
    in

    Source URL: https://arstechnica.com/security/2024/10/persistent-stealthy-linux-malware-has-infected-thousands-since-2021/ Source: Wired Title: Stealthy Malware Has Infected Thousands of Linux Systems for Years Feedly Summary: Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities. AI Summary and Description: Yes Summary: The text discusses a stealthy malware strain named Perfctl that has infected thousands of…

  • Slashdot: Thousands of Linux Systems Infected By Stealthy Malware Since 2021

    by

    system automation
    in

    Source URL: https://linux.slashdot.org/story/24/10/04/1759201/thousands-of-linux-systems-infected-by-stealthy-malware-since-2021?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Thousands of Linux Systems Infected By Stealthy Malware Since 2021 Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a sophisticated malware strain named Perfctl that has infected numerous Linux systems since 2021. It exploits misconfigurations and a critical vulnerability in Apache RocketMQ, employing stealth techniques to…