BEURK – Linux Userland Preload Rootkit

BEURK is a userland preload rootkit for GNU/Linux, heavily focused on anti-debugging and anti-detection. Being a userland rootkit, it gives limited privileges (basically whatever the user has) compared with a superuser or root-level rootkit. Features Hide att…

Reading the Unreadable SROM: Inside the PSoC4

Wow. [Dmitry Grinberg] just broke into the SROM on Cypress’ PSoC 4 chips. The supervisory read-only memory (SROM) in question is a region of proprietary code that runs when the chip starts up, and in privileged mode. It’s exactly the kind of black box that’s a little bit creepy and a horribly useful target for hackers if the black box can be broken open. What’s inside? In the manual it says “The user has no access to read or modify the SROM code.” Nobody outside of Cypress knows. Until now.

This matters because the PSoC 4000 chips are among the …


A week in security (Dec 04 – Dec 10)

A compilation of notable security news and blog posts from the 4th of December to the 10th. This week, we talked about DGA, a rootkit, another malvertising campaign, and fake news about “smart drugs”.

Dangerous Rootkit found Pre-Installed on nearly 3 Million Android Phones

Here’s some bad news for Android users again.

Nearly 3 million Android devices worldwide are vulnerable to man-in-the-middle (MITM) attacks that could allow attackers to remotely execute arbitrary code with root privileges, turning over full control o…

Oops! Microsoft Accidentally Leaks Backdoor Keys to Bypass UEFI Secure Boot

It’s True — There is no such backdoor that only its creator can access.

Microsoft has accidentally leaked the secret keys that allow hackers to unlock devices protected by the UEFI (Unified Extensible Firmware Interface) Secure Boot feature.

What’s even worse?

It will be impossible for Microsoft to undo its leak.
Secure Boot is a security feature that protects your device from
