Dell's Laptops are Infected with 'Superfish-Like' pre-installed Malware
Similar to the Superfish malware that surrounded Lenovo laptops in February, another big computer manufacturer, Dell, has been spotted selling PCs and laptops pre-installed with a rogue SSL certificate that could allow attackers to impersonate any HTTPS-protected website and spy on when banking or...
Beurk - Experimental Unix Rootkit
BEURK is a userland preload rootkit for GNU/Linux, heavily focused around anti-debugging and anti-detection. NOTE: BEURK is a recursive acronym for BEURK Experimental Unix RootKit. Features: hide attacker files and directories; realtime log cleanup on utmp/wtmp; anti process and login detectio...
Lenovo Caught (3rd Time) Pre-Installing Spyware on its Laptops
Lenovo has once again been caught installing spyware on its laptops and workstations without the user's permission or knowledge. One of the most popular computer manufacturers is being criticized for selling some refurbished laptop models pre-installed with invasive marketing software that sends...
Lenovo Caught Using Rootkit to Secretly Install Unremovable Software
Two years ago, Chinese firm Lenovo was banned from supplying equipment for networks of the intelligence and defense services of various countries due to hacking and spying concerns. Earlier this year, Lenovo was caught red-handed selling laptops pre-installed with Superfish malware. One of the mo...
Hacking Team Spyware preloaded with UEFI BIOS Rootkit to Hide Itself
Last week someone hacked the infamous Hacking Team, the Italy-based cyber weapons manufacturer, and leaked a huge trove of 400GB of internal data, including: emails, hacking tools, zero-day exploits, surveillance tools, source code for spyware, a spreadsheet listing every government client with date ...
Apple Mac computer firmware 0day EFI rootkit vulnerability
Mac is Apple's self-developed operating system; commonly used operating systems now are Windows, Linux and Mac. MacBook Pro Retina, MacBook Pro and MacBook Air computers may have a security vulnerability in the EFI firmware update. The attacker does not need to physically touch the target machine, c...
Apple Mac OSX Zero-Day Bug Allows Hackers to Install RootKit Malware
A zero-day software vulnerability discovered deep in the firmware of many Apple computers could allow an attacker to modify the system’s BIOS and install a rootkit, potentially gaining complete control of the victim’s Mac. The critical vulnerability, discovered by well-known OS X security...
Firmware Bug in OSX Could Allow Installation of Low-Level Rootkits
There is a vulnerability buried deep in the firmware of many Apple laptops that could allow an attacker to overwrite the machine’s BIOS and install a rootkit, gaining complete control of the Mac. The vulnerability lies in the UEFI system on some older MacBooks, and researcher Pedro Vilaca...
New GPU-based Linux Rootkit and Keylogger with Excellent Stealth and Computing Power
The world of hacking has become more organized and reliable over recent years, and so have the techniques of hackers. Nowadays, attackers use highly sophisticated tactics and often go to extraordinary lengths in order to mount an attack. And there is something new to the list: A team of developers has...
Attackers Peddling Malware Through CareerBuilder
Attackers have recently taken to the job-search website CareerBuilder to spread Microsoft Word documents that appear to be job hopefuls’ resumes, but in reality, are laden with malware. Researchers at the firm Proofpoint discovered the campaign and discussed their findings in a blog post. In the...
Open-Source Host-Based Intrusion Detection System: OSSEC
OSSEC is a platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring, and Security Incident Management (SIM)/Security Information and Event Management (SIEM) in a simple, powerful, and open source solution. Key...
Group Behind SSH Brute Force Attacks Slowed Down
A criminal group whose actions have at times been responsible for one-third of the Internet’s SSH traffic—most of it in the form of SSH brute force attacks—has been cut off from a portion of the Internet. While not a botnet takedown in the traditional sense, networking providers Level 3...
BIOS Rootkit Implant Debuts at CanSecWest
When the National Security Agency’s ANT division catalog of surveillance tools was disclosed among the myriad of Snowden revelations, its desire to implant malware into the BIOS of targeted machines was unquestionable. While there’s little evidence of BIOS bootkits in the wild, the ANT catalog an...
Multiple Web Servers Webdav rootkit Backdoor Command Execution
A command execution vulnerability has been reported in multiple Web servers. The vulnerability is due to the existence of a backdoor file on the Web server within a specific library. A remote attacker can exploit this vulnerability by sending a request to the malicious backdoor file...
Powerful Linux Trojan 'Turla' Infected Large Number of Victims
Security researchers have discovered a highly nasty Linux trojan that has been used by cybercriminals in a state-sponsored attack in order to steal personal, confidential information from government institutions, military and pharmaceutical companies around the world. A previously unknown piece of ...
Host Based Intrusion Detection System: Samhain
The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. samhain is a file and host integrity and intrusion alert system...
Magento Server MAGMI Plugin 0.7.17a - Remote File Inclusion
Exploit found date: 10/24/2014. Security Researcher name: Parvinder Bhasin. Contact info: [email protected], twitter: @parvinderb - scorpio. Currently tested version: Magento version: Magento CE - 1.8 older; MAGMI version: v0.7.17a...
SAMHAIN v3.1.2 - File Integrity Checker / Host-Based Intrusion Detection System
The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain has been designed to monitor multiple hosts with potentially...
New Kronos Banking Malware Advertised On Russian Forums
Criminals are advertising a new banking Trojan on Russian forums, one going for a hefty price and being marketed as a method of evading detection and analysis. To date, however, security researchers have yet to obtain a sample of Kronos, which is available on a few forums for pre-order at a cost ...
[SECURITY] Fedora 19 Update: chkrootkit-0.49-9.fc19
chkrootkit is a tool to locally check for signs of a rootkit. It contains: chkrootkit: shell script that checks system binaries for rootkit modification. ifpromisc: checks if the network interface is in promiscuous mode. chklastlog: checks for lastlog deletions. chkwtmp: checks for wtmp deletions...