Researchers are expected to present at CanSecWest a BIOS rootkit that automates BIOS vulnerability discovery and implants persistent malware.
Browsing Category: Malware
Researcher Patrick Wardle of Synack is expected this week at CanSecWest to unveil malicious dylib attacks against Apple’s Mac OS X.
Mozilla has released an open source memory forensics tool that some college students designed and built during the company’s recent Winter of Security event. The new tool, known as Masche, is designed specifically for investigating server memory and has the advantage of being able to scan running processes without causing any problems with the machine.[…]
A variant of CryptoLocker ransomware is targeting gamers, encrypting files associated with more than 20 popular titles in exchange for a Bitcoin payment.
The federal government is seeking more legal power to step in and shut down botnets through an amendment to the existing criminal law, which would allow the Department of Justice to obtain injunctions to disrupt these malicious networks. The Obama administration has proposed an amendment to existing United Stated federal law that would give it[…]
HP’s Zero Day Initiative published details of a bypass for a five-year-old Windows patch for the .LNK vulnerability exploited by Stuxnet.
The EquationDrug cyberespionage platform is a complicated system that is used selectively against only certain target machines, one that can be extended via a collection of 116 malware plug-ins, researchers at Kaspersky Lab said.
Microsoft released a new patch for the LNK vulnerability exploited by Stuxnet after it learned original patch from 2010 failed and left Windows machines exposed.
DDoS attacks have been a persistent problem for the the better part of 20 years, and as ISPs and enterprises have adjusted their defenses, attackers have adapted their tactics. One of the more effective tools in the attackers’ arsenal now is the use of botnets to generate massive numbers of DNS queries for a target[…]
A recent malware sample dynamically generates the name of a mutex object by using Windows product ID, lessening its predictability and complicating detection.