Collaborate Disseminate
While analyzing real-world systems, memory analysts will often encounter anti-virus (AV) engines, EDRs, and similar products that, at first glance, look suspiciously like malware. This occurs because these security products leverage the same techniques… Continue reading When Anti-Virus Engines Look Like Kernel Rootkits
Recently when I was visiting a website, just clicking (not even on a link; lets say on some text or blank space) I was redirected by something (which was given as ilkmawgod.site…… in the address bar) to a malicious webpage (install.get… Continue reading ilkmawgod.site redirect [duplicate]
How concerned should I be about this result from unhide?
unhide-linux scan starting at: 17:02:43, 2020-03-23 Used options:
logtofile [*]Searching for Hidden processes through /proc stat
scanning
[*]Searching for Hidden proces… Continue reading Hidden Process Discovered in Tails OS
How concerned should I be about this result from unhide?
unhide-linux scan starting at: 17:02:43, 2020-03-23 Used options:
logtofile [*]Searching for Hidden processes through /proc stat
scanning
[*]Searching for Hidden proces… Continue reading Hidden Process Discovered in Tails OS
I’ve noticed some strange behaviour on my home laptop (eg never sleeps even though configured to do so, and starts running flat out when it’s been idle for a while) and am wondering whether it is infected with a root kit. Why do I think r… Continue reading How can I tell if my laptop has a root kit installed?
PREAMBLE
I’m on the internet for a while looking for the right security tools to locate and diagnose malware on Linux servers. Tools capable of doing system scans on Linux. Tools with capabilities and characteristics similar to Chkrootkit… Continue reading Chkrootkit and Rkhunter – What other tools are capable and proper to diagnose risks and/or infections?
I’d like to have your opinion about if a UEFI rootkit could infect a kernel inside an ISO that is saved in a bootable usb “distro”. I mean I have a usb stick with installed easy2boot. Inside easy2boot there are various ISOs which can be bo… Continue reading UEFI rootkit could infect a kernel of an iso inside an other iso?
What’s the likelihood of a laptop being compromised when it comes directly from a trusted computer store or a large, known computer technology company? Would there be any liability if malware or rookit was discovered?
What checks / scans … Continue reading Security of a laptop order
I was doing a routine audit of my Windows/Linux based network and was running Hitman on a Windows machine and noticed one flagged result.
Naturally, I checked into the flag and found it was a scheduled task for a weird prog… Continue reading RootkitRevealer ( Sysinternals ) flagged as malware [closed]
I have a process that loads into memory like any other process. It contains a special key. Our goal is to read this key inside memory…or while it is in transit across the data bus from cpu. The catch is that our solution ha… Continue reading Passively read key from process memory without invoking kernel (windows 10)