Articles about rootkits

The Register breaking news

Notorious rootkit gets self-propagation powers

One of the most notorious rootkits has just acquired a self-propagating mechanism that could allow it to spread to new victims, a security researcher has warned. A new version of the TDSS rootkit, which also goes by the names Alureon and TDL4, is able to infect new machines using two separate methods, Kaspersky Lab researcher …
Dan Goodin, 3 Jun 2011

Whitehat cracks notorious rootkit wide open

A malware analyst has deconstructed a highly advanced piece of crimeware believed to be the work of the notorious Russian Business Network. The step-by-step instructions for reverse engineering the stealthy ZeroAccess rootkit are a blow to its developers, who took great care to make sure it couldn't be forensically analyzed. The …
Dan Goodin, 18 Nov 2010

Boffins boast newfangled rootkit blocker

Scientists are set to unveil a lightweight system they say makes an operating system significantly more resistant to rootkits without degrading its performance. The hypervisor-based system is dubbed HookSafe, and it works by relocating kernel hooks in a guest OS to a dedicated page-aligned memory space that's tightly locked …
Dan Goodin, 11 Nov 2009

Top NASA scientist busted for leaking satellite intel

A former NASA scientist who helped discover evidence of water on the moon has been arrested on charges he tried to sell Israel classified information about US military satellite systems. Stewart Nozette, 52, of Maryland, was arrested in a sting in which an FBI agent posed as an Israeli intelligence officer. According to …
Dan Goodin, 20 Oct 2009

Trojan plunders $480k from online bank account

A Pennsylvania organization that helps develop affordable housing learned a painful lesson about the hazards of online banking using the Windows operating system when a notorious trojan siphoned almost $480,000 from its account. News reports here and here say $479,247 vanished from a bank account belonging to the Cumberland …
Dan Goodin, 14 Oct 2009

Microsoft security tools give devs the warm fuzzies

Microsoft has released a general-purpose software tool for assessing the security of applications, part of a growing suite of free offerings designed to help third-party developers design safer programs. Microsoft Minifuzz is a lightweight file fuzzer, a type of tool that detects software bugs by throwing random data at an …
Dan Goodin, 16 Sep 2009

Apple security lags (again) with critical Java patches

Comment: Apple is once again playing security catch-up to the rest of the computing world, this time with an update for the Leopard version of its Mac operating system that patches critical holes in Java that were fixed on competing systems 29 days ago. The patch updates Leopard to Java versions 1.6.0_15, 1.5.0_20, and 1.4.2_22, which …
Dan Goodin, 4 Sep 2009

Snow Leopard security - The good, the bad and the missing

Apple engineers missed a key opportunity to implement an industry-standard technology in their latest operating system that would have made it more resistant to hacking attacks, three researchers have said. Known as ASLR, or address space layout randomization, the measure picks a different memory location to load system …
Dan Goodin, 29 Aug 2009

Apple sneaks malware protection into Snow Leopard

Apple is dipping yet another toe into the anti-malware pond with a feature in the latest beta version of its forthcoming Snow Leopard operating system. The protection was quietly added earlier this month to Snow Leopard 10A432, the most recent build of the new version of Mac OS X that is due for release this Friday, according …
Dan Goodin, 25 Aug 2009

TJX suspect indicted in Heartland, Hannaford breaches

Federal authorities have charged a previously indicted hacker with breaching additional corporate computers and stealing data for at least 130 million credit and debit cards, the biggest identity theft case ever prosecuted in the United States. Albert "Segvec" Gonzalez and two unnamed Russians were indicted on Monday for …
Dan Goodin, 17 Aug 2009

Hijacking iPhones and other smart devices using SMS

Black Hat Update: Apple says it has patched the vulnerability described below. The full story is here. Researchers have uncovered a bevy of vulnerabilities in smart phones made by multiple vendors, including one in Apple's iPhone that could allow an attacker to execute malicious code without requiring the victim to take any action at all …
Dan Goodin, 31 Jul 2009

Security elite pwned on Black Hat eve

On the eve of the Black Hat security conference, malicious hackers posted a 29,000-line file detailing embarrassing attacks that took complete control of servers and websites run by several high-profile security researchers, including Dan Kaminsky and Kevin Mitnick. The file posted on security mailing lists claimed to have …
Dan Goodin, 29 Jul 2009

Microsoft emergency fix kills bugs in IE, Visual Studio

Microsoft issued two emergency updates on Tuesday to fix critical security bugs that leave users of Internet Explorer and an untold number of third-party applications vulnerable to remote attacks that completely commandeer their computers. Most of the vulnerabilities are located in Microsoft's ATL, or Active Template Library, …
Dan Goodin, 28 Jul 2009

New attack resurrects previously patched security bugs

Researchers may have figured out how to bypass a common technique Microsoft and other software makers have used to fix hundreds of security vulnerabilities over the past decade, according to a brief video previewing a talk scheduled for later this week at the Black Hat security conference. The video, posted here by security …
Dan Goodin, 27 Jul 2009

Microsoft to issue emergency patches Tuesday

Microsoft plans to issue two emergency patches next week that fix vulnerabilities in the Internet Explorer browser and Visual Studio developer suite that allow attackers to remotely execute malware. The patches, which will be delivered on Tuesday, will be only the third time Microsoft has issued an out-of-band security patch …
Dan Goodin, 25 Jul 2009

Network Solutions breach exposed 500k card accounts

A breach at Network Solutions has exposed details for more than 500,000 credit and debit cards after hackers penetrated a system it used to deliver e-commerce services and planted software that diverted transactions to a rogue server, the hosting company said late Friday. The unauthorized software was in place from March 12 to …
Dan Goodin, 25 Jul 2009

New attacks exploit vuln in (fully-patched) Adobe Flash

Online criminals are targeting a previously unknown vulnerability in the latest versions of Adobe's ubiquitous Flash Player that allows them to take complete control of end users' computers, security researchers warn. Although the exploit can be triggered using malicious PDF files opened by Adobe's Reader application, a more …
Dan Goodin, 22 Jul 2009

Open-source firmware vuln exposes wireless routers

A hacker has discovered a critical vulnerability in open-source firmware available for wireless routers made by Linksys and other manufacturers that allows attackers to remotely penetrate the device and take full control of it. The remote root vulnerability affects the most recent version of DD-WRT, a piece of firmware many …
Dan Goodin, 21 Jul 2009

Biting the hand that feeds IT © 1998–2018