Linux Threat Hunting: ‘Syslogk’ a kernel rootkit found under development in the wild

Avast – Rootkits are dangerous pieces of malware. Once in place, they are usually really hard to detect. Their code is typically more challenging to write than other…

Attackers Used Malicious Telegram Installer to Distribute Purple Fox Rootkit

Security Intelligence – Threat actors leveraged a malicious Telegram installer to infect users with the Purple Fox…

macOS flaw allowed attackers to install persistent, undetectable malware

Microsoft recently discovered a critical security vulnerability in macOS, which as per Microsoft 365 Defender Research team’s researcher Jonathan Bar-Or, could have been used to install a rootkit on targeted…

Beware: FontOnLake Rootkit Malware Attacking Linux Systems

According to ESET’s researchers, components of FontOnLake malware are divided into three groups: Trojanized app, Rootkit, and Backdoor. Researchers at Slovak cybersecurity company ESET have identified a new malware family…

A New Flaw Was Discovered in the Microsoft Windows Platform Binary Table (WPBT)

The flaw discovered by the researchers at Eclypsium in the Microsoft Windows Platform Binary Table (WPBT) can be exploited in attacks meant to install rootkits on all Windows computers that…

DirtyMoe: Code Signing Certificate

Avast – Abstract: The DirtyMoe malware uses a driver signed with a revoked certificate that can be seamlessly loaded into the Windows kernel. Therefore, one of the goals…

DirtyMoe: Rootkit Driver

Avast – Abstract: In the first post, DirtyMoe: Introduction and General Overview of Modularized Malware, we have described one of the complex and sophisticated malware called DirtyMoe. The…