Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

This dangerous APT has expanded its skills with some new tools - here's what we know

Originally, CoolClient was able to profile and gather system and user details, and record keystrokes. It allowed Mustang panda to upload and delete files, run TCP tunneling and reverse-prosy listening ...
Bleeping Computer

New VoidLink malware framework targets Linux cloud servers

A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders, implants, rootkits, and plugins designed for ...
IEEE

Rootkit Detection Using Hybrid Machine Learning Models and Deep Learning Model: Implementation

Abstract: Rootkits are a type of malicious software designed to exploit system vulnerabilities and evade detection by traditional security mechanisms. This study proposes a comprehensive approach for ...
IEEE

Improvise, Adapt, Overcome: Dynamic Resiliency Against Unknown Attack Vectors in Microgrid Cybersecurity Games

Abstract: Cyber-physical microgrids are vulnerable to rootkit attacks that manipulate system dynamics to create instabilities in the network. Rootkits tend to hide their access level within microgrid ...
GitHub

Singularity - Stealthy Linux Kernel Rootkit

"Shall we give forensics a little work?" Singularity is a powerful Linux Kernel Module (LKM) rootkit designed for modern 6.x kernels. It provides comprehensive stealth capabilities through advanced ...