CSOonline

Windows path conversion weirdness enables unprivileged rootkit behavior

Attackers can take advantage of how Windows converts file paths between the traditional DOS format to the more modern NT format in order to achieve rootkit-based capabilities such as hiding files and ...
CSOonline

‘Zero Disco’ campaign hits legacy Cisco switches with fileless rootkit payloads

In newly disclosed real-world attacks, threat actors are found exploiting a Cisco Simple Network Management Protocol (SNMP) vulnerability to gain remote code execution (RCE) and install Linux rootkits ...
Dark Reading

OBSCURE#BAT Malware Highlights Risks of API Hooking

A malware campaign dubbed "OBSCURE#BAT" is making effective use of heavily obfuscated code and evasion techniques like API hooking to trick unsuspecting users into downloading an advanced and highly ...