-
Researchers Develop Linux Rootkit That Evades Elastic EDR Protections
31 Oct 2025 10:33 GMT
… separate alerts when encountering standard rootkit implementations.
26 detections detectedThe … through methodical obfuscation.
The rootkit leverages four primary evasion … symbol name randomization. Standard rootkits utilize predictable naming patterns …
-
Researchers Created a Linux Rootkit that Evades Elastic Security EDR Detection
31 Oct 2025 04:06 GMT
… GitHub by researcher 0xMatheuZ, the rootkit employs advanced obfuscation techniques to … to static analysis evasion. Traditional rootkits falter on predictable strings and … “hook_getdents.”
Singularity tool
The rootkit’s Python-based obfuscator fragments …
-
⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More
20 Oct 2025 20:17 GMT
… of InvisibleFerret.
LinkPro Linux Rootkit Spotted in the Wild — … 54321) that signals the rootkit to await further instructions … Campaign Targets Cisco Devices with Rootkits — A new campaign … Software to deploy Linux rootkits on older, unprotected systems …
-
Cisco: SNMP Critical Linux Rootkit Exploit CVE-2025-20352 RCE
17 Oct 2025 14:25 GMT
… access and installed a Linux rootkit built specifically for persistence. … case. The Houken kernel rootkit used the same approach … Linux Security Defense Strategies
Rootkits have always been a … Exploit Reveals About Linux Rootkit Evolution
The Cisco campaign …
-
LinkPro Rootkit Attacking GNU/Linux Systems Using eBPF Module to Hide Malicious Activities
17 Oct 2025 15:01 GMT
A sophisticated rootkit targeting GNU/Linux … called vGet, and the LinkPro rootkit.
The Docker configuration allowed … developed in Golang. The rootkit operates in two modes: … _KPROBE_OVERRIDE option.
The rootkit achieves persistence by masquerading as …
-
Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
17 Oct 2025 15:03 GMT
… 2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices … Micro researchers shared.
Once a rootkit was implanted, it would set … used to install the Linux rootkit, and one to stop … component used to control the rootkit, and an arp spoofing tool …
-
LinkPro: An eBPF-Based Rootkit Hiding Malicious Activity on GNU/Linux
17 Oct 2025 09:17 GMT
… uncovered a sophisticated Linux rootkit dubbed LinkPro that leverages … ” or “.system”.
The rootkit also hides specific process directories … configuration file.
The rootkit extracts and installs a … network name resolution.
The rootkit copies its executable to …
-
New Rootkit Campaign Exploits Cisco SNMP Flaw to Gain Persistence
17 Oct 2025 05:00 GMT
… Protocol vulnerability to install Linux rootkits on exposed network devices has … Legacy Cisco Flaw
Rootkit Capabilities and Detection
The rootkit granted several covert …
-
Operation Zero Disco: Threat actors targets Cisco SNMP flaw to drop Linux rootkits
16 Oct 2025 20:28 GMT
… attacks to deploy Linux rootkits on outdated systems, researchers … EDR protection, deploying rootkits to conceal malicious activity … complexity.
Upon installing the rootkit, attackers gain remote … to receive commands. The rootkit injects a volatile universal …
-
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in 'Zero Disco' Attacks
16 Oct 2025 17:16 GMT
… XE Software to deploy Linux rootkits on older, unprotected systems. … company also noted that the rootkits allowed attackers to achieve … in their intrusions.
The rootkit is commandeered by means of … fact that the implanted rootkit sets a universal password …
About
© 1995-2025