#RootkitDefense

Hackers abuse Avast anti-rootkit driver to disable defenses

by

November 23, 2024 at 04:12PM A new malware campaign leverages an outdated Avast Anti-Rootkit driver to disable security components and evade detection. By targeting processes from various security vendors, the malware can operate undetected. Researchers recommend using signature-based rules and Microsoft’s vulnerable driver blocklist to mitigate such risks. ### Meeting Takeaways: 1. **Emerging Malware Threat**: … Read more

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

by

October 3, 2024 at 10:45AM Linux servers are under attack by a persistent campaign delivering perfctl malware, aiming to run a cryptocurrency miner and proxyjacking software. The elusive and stealthy malware employs sophisticated techniques including exploiting a security flaw in Polkit. It’s recommended to keep systems updated, restrict file execution, and enforce network segmentation to … Read more