Collaborate Disseminate
Windows machines have things like TPM and Secure boot to help protect against firmware rootkits, but is Mac any safer in these regards? How does Mac work in the boot stage and is it any less suceptable to firmware rootkits? Are there any… Continue reading Is Mac OS safer to use as far as firmware rootkits, cold boot attacks and evil maid?
Lets say a computers UEFI is infected with a rootkit and you have a copy of Tails written to a USB drive. I am guessing it could possibly infect the Tails OS as well. Well if you were to write tails to a CD that is not re-writable and bo… Continue reading Running Tails from a non-writable CD vs a USB on a PC with a UEFI infection. Would it comprimise Tails OS when loaded?
So I bought a new Lenovo Legion 5 PC. It comes with windows preinstalled. I was wondering is there a way to copy the firmware that comes with the PC onto a USB drive without having to download it off the website? For instance if I wante… Continue reading Is there a way to copy the firmware that came with my PC?
What firmware components of a PC are writable? For instance which components have the ability to store rootkits or viruses?
Continue reading What firmware components of a PC are writeable?
I am thinking of developing of a rather primitive CLI program for the sole purpose of detecting rootkits/bootkits/firmware modifying advanced malware.
Can you iterate thru all all hardware IDs (CPUID, GPUID etc) like dmidecode does just f… Continue reading Is it possible to enumerate thru all the hardware IDs?
What componets of a PC do firmware viruses and rootkits infect? Secure boot is supposed to protect you from these types of viruses. Although, it doesn’t protect you against rootkits in UEFI firmware itself? If so is there anything to pr… Continue reading How to protect yourself from firmware viruses
As far as I can tell chrootkit is not included in any linux distro repos.
Given root kit detection varies across tools and using more tools increases detection rates, I would have thought including all reliable, trusted, well known tools w… Continue reading Why is chrootkit not included in any repos? [migrated]
I have an HP Beats 15 Notebook PC (J1J05UA#ABA),
A while back (right after I finished up my first year of ethical hacking courses) I started getting attacked way more than usual. I got hit with reflective cross-site scripting like 4 times … Continue reading What are the most likely areas for storage of a hardware rootkit? [closed]
It’s a privilege escalation vulnerability:
Linux users on Tuesday got a major dose of bad news — a 12-year-old vulnerability in a system tool called Polkit gives attackers unfettered root privileges on machines running most major distributions of the open source operating system.
Previously called PolicyKit, Polkit manages system-wide privileges in Unix-like OSes. It provides a mechanism for nonprivileged processes to safely interact with privileged processes. It also allows users to execute commands with high privileges by using a component called pkexec, followed by the command…
Continue reading Twelve-Year-Old Linux Vulnerability Discovered and Patched
If I do a factory reset on a rooted Samsung/Android phone will it remove the root? Factory reset will return the phone to its out of the box state right?