rootkit

SSCC 137 - Apple, rootkits, hacking and data breach laws [PODCAST]

What about support for OS X Lion and Mountain Lion? Can a rootkit be a blessing in disguise? Will federal US data breach laws make things better or worse?

Chester and Duck once again aim their entertaining expertise at the security news of the week...

Notorious "Gameover" malware gets itself a kernel-mode rootkit...

The Gameover botnet gang has been trying new techniques lately: most recently comes the introduction of a kernel-mode rootkit called Necurs, making the malware harder to find and remove.

Senior Researcher James Wyke of SophosLabs investigates...

Spanish Linux group runs to teacher, complains about Microsoft's Secure Boot

Spanish open source association Hispalinux, reports Reuters, has officially complained to the European Commission about the Windows 8 Secure Boot system.

Paul Ducklin gets quizzical about what happens next...

FLAMING RETORT: Linux rootkit news "provides some comic relief"

About two weeks ago, a posting on the Full Disclosure Mailing List announced a new Linux rootkit.

Indeed, the posting didn't just announce the malware, but included a fully-working sample...

Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode

The ZeroAccess rootkit, which hijacks PCs and recruits them into a botnet, has undergone a significant revision - SophosLabs researcher James Wyke reveals.

Technical paper: The ZeroAccess rootkit under the microscope

The ZeroAccess rootkit is quickly becoming one of the most widespread malware threats. SophosLabs' James Wyke takes a look at how ZeroAccess works and what its ultimate goal is.

Carrier IQ snoops on US cell users - Spyware or service monitoring tool?

Researcher Trevor Eckhart posted information showing that US mobile carriers were installing a rootkit on mobile phones that can record location, keystrokes and other sensitive data to mobile carriers. It can be included on Android, Nokia, BlackBerry and other tablets, causing privacy concerns among users.

Apple fakery, DNS hack, DigiNotar, Linux, Wikileaks - 60 Sec Security

Lots of readers said they'd like to see our 'news-with-a-conscience' videos more than once a month.

So here you go. 60 Second Security, once every two weeks.

Security breach: Kernel.org and Linux Foundation remain "temporarily unavailable"

The Linux world is in a bit of a security spinout at the moment.

Could this be the moment that you finally decide to try OpenBSD?

SSCC 66 - Popureb, JailBreakMe.com, WordPress insecurities and Twitter hackers

In this week's Chet Chat, Paul Ducklin is Chet's guest as they cover the latest security news. Topics covered include a paper on the Popureb rootkit, the vulnerabilities in Apple's iOS exploited by jailbreakme.com, WordPress 3.2 and the latest Twitter account hacks.

'Indestructible' rootkit rumours are greatly exaggerated! Stand down from high alert!

LulzSec has sailed away - if not off the edge of the world, at least into a part of space and time from which it can no longer trigger scared, and scary, headlines.

It seems we needed something to replace LulzSec, and it looks as though we've found it: the indestructible rootkit!

Compromised ads leading to TDSS rootkit infections

Hacking ad servers is an effective way of injecting malicious code into multiple third-party web sites, potentially exposing huge numbers of users to the attack. Find out more about this latest attack being used to infect victims with TDSS.

Buzz over Google's $8.5 million lawsuit settlement

Google today took what it labelled the exceptional step of mass-mailing all Gmail users to announce a settlement in the Buzz lawsuit. According to Google, that lawsuit is now sorted out. But those who were hoping to pick up some personal largesse from Google's deep pockets will be disappointed.

Certified uncertainty

Just when we thought we understood what was happening with the Stuxnet rootkit, the plot thickens. As I reported in my original story, the rootkit component and several other pieces were signed with a legitimate digital certificate from Realtek Semiconductor.

Android rootkits - malware on your smartphone

Many of you are probably familiar with the concept of rootkits - malicious software that lurks hidden at a low level on your Windows or Unix computer, remaining undetected by conventional anti-virus software. Although new rootkits can be prevented from infecting…

Surveillance rootkits on smartphones

Liviu Iftode and Vinod Ganapathy, two researchers at Rutgers University, have revealed some experiments they have been conducting, showing how rootkits could be used to take control of smartphones. The scientists have shown that a malicious attacker could cause a…

The first good BSoD

Perhaps this title should read "Blue screen of blessing." Yes, you are reading that correctly. BSoDs can occasionally have a back-handed benefit. Last Tuesday after Microsoft released its latest batch of patches, complaints started streaming in that there was a…

Will RAM scraping loosen the sky and make it fall?

The Henny Penny story of the moment concerns something called RAM scraping, which has the headline-friendly characteristics of sounding not just new and dangerous, but also painful and probably interestingly distasteful. A recently-released data breach report identifies RAM scraping malware…

Sophos Anti-Rootkit updated - download it for free

Sophos Anti-Rootkit is, judging by our download stats, one of our most popular free tools - helping computer users scan, detect and remove any rootkit that is hidden on their computer using advanced rootkit detection technology. I'm delighted to say…

Sophos enhancements, rootkits and ball gowns

Today Sophos enhanced the malware protection provided by Endpoint Security and Control. The rollout of Sophos Anti-Virus v7.6 for Windows offers additional preventive layers of protection for Windows users, including integrated rootkit detection and on-access web-based script attack detection. We…