HackDig : Dig high-quality web security articles for hackers

Project Freta, a free service that allows finding malware in OS memory snapshots

Microsoft launched Project Freta, a free service that allows users to find malware, including rootkit, in operating system memory snapshots. Microsoft has unveiled a new project, dubbed Project Freta, for the discovery of malicious code in operating system memory snapshots. The Project Freta is a cloud-based service that allows users to collect forensi
Publish At:2020-07-07 16:21 | Read:209 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

A week in security (January 13 – 19)

Last week on Malwarebytes Labs, we taught you how to prevent a rootkit attack, explained what data enrichment means, informed you about new rules on deepfakes in the US, and demonstrated how backdoors in elastic servers expose private data. Other cybersecurity news An online group of cybersecurity analysts calling themselves Intrusion Truth have revea
Publish At:2020-01-20 16:50 | Read:818 | Comments:0 | Tags:A week in security apt40 Cisco citrix data enrichment deepfa

How to prevent a rootkit attack

If you’re ever at the receiving end of a rootkit attack, then you’ll understand why they are considered one of the most dangerous cyberthreats today. Rootkits are a type of malware designed to stay undetected on your computer. Cybercriminals use rootkits to remotely access and control your machine, burrowing deep into the system like a latche
Publish At:2020-01-14 16:55 | Read:694 | Comments:0 | Tags:How-tos application rootkits bootloader firmware rootkits ha

Rootkit Umbreon / Umreon - x86, ARM samples

Pokémon-themed Umbreon Linux Rootkit Hits x86, ARM Systems. Research: Trend Micro. There are two packages: one is the 'found in the wild' full package, and the other is a set of hashes from Trend Micro (all but one file are already in the full package). Download. Email me if you need the password. File information, part one (full package): # File Name | Hash Value | File Size (on
Publish At:2019-11-21 11:45 | Read:989 | Comments:0 | Tags:ARM Linux rootkit Umbreon x86

Skidmap Linux Malware Uses Rootkit Capabilities to Hide Cryptocurrency-Mining Payload

By Augusto Remillano II and Jakub Urbanec (Threat Analysts) Cryptocurrency-mining malware is still a prevalent threat, as illustrated by our detections of this threat in the first half of 2019. Cybercriminals, too, increasingly explored new platforms and ways to further cash in on their malware — from mobile devices and Unix and Unix-like systems to servers
Publish At:2019-09-19 14:50 | Read:995 | Comments:0 | Tags:Malware cryptocurrency miner Linux rootkit Skidmap

ZNIU, the first Android malware family to exploit the Dirty COW vulnerability

Security experts at Trend Micro have recently spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The Dirty COW vulnerability was discovered by the security expert Phil Oester in October 2016; it could be exploited by a local attacker to escalate privileges. The name ‘Dirty COW’ is due to
Publish At:2017-09-27 05:25 | Read:5862 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android CVE-2016-51

Experts spotted Triada Trojan in firmware of low-cost Android smartphones

Malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones. Another case of pre-installed malware makes the headlines: malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones, including
Publish At:2017-07-29 17:25 | Read:3657 | Comments:0 | Tags:Breaking News Malware Mobile Android malware mobile pre-inst

With this PHP rootkit you can take over a server hiding it in PHP server modules

The Dutch developer Luke Paris has created a PHP rootkit that hides in PHP server modules, and he also explained why it is more dangerous than classic rootkits. The Dutch developer Luke Paris has created a rootkit that hides in PHP server modules that could be used by attackers to take over web servers. While classic rootkits work on the lowest levels of the opera
Publish At:2017-06-17 22:10 | Read:3371 | Comments:0 | Tags:Breaking News Hacking malware PHP rootkit rootkit

Backdoor keys allow attackers to bypass UEFI Secure Boot

Once again Microsoft failed in fixing a severe Secure Boot vulnerability that can be exploited to install rootkits on Windows devices. Microsoft has accidentally leaked the secret keys to bypass UEFI Secure Boot. Secure Boot is a UEFI (Unified Extensible Firmware Interface) feature that should prevent the execution of unauthorized code during the boot
Publish At:2016-08-11 05:55 | Read:4587 | Comments:0 | Tags:Breaking News Hacking Microsoft rootkit Secure Boot UEFI Uni

SyScan360 Singapore 2016 slides and exploit code

The exploit for the bug I presented last March at SyScan360 is today one year old so I decided to release it. I wasn’t sure if I should do it or not since it can be used in the wild but Google Project Zero also released a working version so it doesn’t really make a difference. I’m also publishing here the final version of the slides that di
Publish At:2016-04-28 00:35 | Read:3142 | Comments:0 | Tags:Security exploit rootkit vulnerability

Triada Trojan the most sophisticated mobile malware seen to date

Kaspersky Lab recently spotted a new Android malware dubbed Triada Trojan, which they say is the most advanced mobile malware seen to date. Malware researchers at Kaspersky Lab have discovered a new strain of malware, dubbed Triada (Backdoor.AndroidOS.Triada), targeting Android devices, which they consider the most advanced mobile threat seen to date. The r
Publish At:2016-03-10 23:15 | Read:4186 | Comments:0 | Tags:Breaking News Malware Mobile Android Cybercrime malware mobi

London and Asia EFI monsters tour!

Finally back home from China and Japan tour, so it’s time to finally release the updated slides about EFI Monsters. After Secuinside I updated them a bit, fixing stuff I wasn’t happy with and adding some new content. The updated version was first presented at 44CON London. I had serious reservations about going to the UK (not even in transit!) bu
Publish At:2016-01-24 20:35 | Read:3125 | Comments:0 | Tags:Mac Reversing Security backdoor EFI rootkit

Yet malicious software found on Lenovo PCs

Chinese computer manufacturer Lenovo has been caught once again using a hidden Windows feature to preinstall an unwanted and unremovable rootkit. Lenovo was accused several times of supplying equipment for the networks of the intelligence and defense services of various countries that allowed the Chinese Government to run espion
Publish At:2015-08-13 10:50 | Read:3149 | Comments:0 | Tags:Breaking News Hacking espionge Lenovo rootkit spyware

Lenovo Hit With Criticism Over Second Rootkit-Like Utility

Lenovo is under fire again for installing a covert utility on laptops and desktops that some users have compared to a rootkit. The issue stems from a utility called the Lenovo Service Engine, which is designed to collect some system information and send it to Lenovo at the time the machine connects to the Internet. But some Lenovo users discovered that even af
Publish At:2015-08-13 10:10 | Read:4633 | Comments:0 | Tags:Malware Vulnerabilities Lenovo malware rootkit Superfish

Thunderstrike 2 rootkit infects Mac firmware

A security researcher developed an improved version of the Thunderstrike rootkit that uses Thunderbolt accessories to infect the Mac firmware. Earlier this year, security expert Trammell Hudson presented a proof-of-concept firmware called Thunderstrike. Thunderstrike is a hacking technique to infect Apple’s Mac PCs with EFI Bo
Publish At:2015-08-05 10:15 | Read:2914 | Comments:0 | Tags:Breaking News Hacking Malware Apple malware rootkit Thunderb
