Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilities actively exploited by attackers, but no patch for CVE-2023-36884, an …

Researchers unearth highly evasive “parasitic” Linux malware

Security researchers at Intezer and BlackBerry have documented Symbiote, a wholly unique, multi-purpose piece of Linux malware that is nearly impossible to detect. “What …

Delivering vulnerable signed kernel drivers remains popular among attackers

ESET researchers took an in-depth look into the abuse of vulnerable kernel drivers. Vulnerabilities in signed drivers are mostly utilized by game cheat developers to …

77% of rootkits are used for espionage purposes

In a new report, Positive Technologies analyzes this past decade’s most infamous families of rootkits – programs that hide the presence of malicious software or …

LoJax: First-ever UEFI rootkit detected in a cyberattack

ESET researchers have discovered a cyberattack that used a UEFI rootkit to establish a presence on the victims’ computers. Dubbed LoJax, this rootkit was part of a campaign …

Intel’s CHIPSEC can detect CIA’s OS X rootkit

As details about CIA’s hacking capabilities and tools are, bit by bit, popping to the surface, companies are trying to offer users some peace of mind. In the wake of …

Over 2.8 million cheap Android smartphones come with preinstalled backdoor

If you’re using a cheap Android smartphone manufactured or sold by BLU, Infinix, Doogee, Leagoo, IKU, Beeline or Xolo, you are likely wide open to Man-in-the-Middle …

GPU-based malware is real, say developers of PoC rootkit and keylogger

“Two yet unfinished coding projects by a group of developers that call themselves Team Jellyfish have received unexpected attention due to an Ars Technica article …

US ICS operators under attack by crims wielding BlackEnergy malware

The US ICS-CERT has issued a warning about an ongoing sophisticated malware campaign that has hit a number of industrial control systems (ICSs) environments using a variant of …

Turla cyber-espionage campaign puzzle solved

Turla, also known as Snake or Uroburos, is one of the most sophisticated ongoing cyber-espionage campaigns. When the first research on Turla/Snake/Uroburos was published, it …

Zeus/rootkit combo delivered via Starbucks-themed emails

Malware peddlers have been spotted impersonating popular coffeehouse chain Starbucks in order to trick users into downloading a rootkit-equipped variant of the Zeus banking …

Three-year-old Uroburos rootkit likely created by Russian state-sponsored hackers

Researchers from German antivirus company G Data have discovered and analyzed a complex rootkit with spying capabilities and believe that it has been created and employed by …
