Detection and Analysis of a Malware Using the TCP Packets

News

New Syslogk Linux rootkit uses magic packets to trigger backdoor

A new Linux rootkit malware named ‘Syslogk’ is being used in attacks to hide malicious processes, using specially crafted "magic packets" to awaken a backdoor laying dormant on the device. The malware ...

Computerworld15y

TCP RESET: Pros and Cons

A clever antimalware gateway can achieve zero latency by using a span/tap port to inspect Internet traffic for malware and malware references (in contrast to inline inspection). When it recognizes ...

Bleeping Computer5mon

New Android malware uses Microsoft’s .NET MAUI to evade detection

New Android malware campaigns use Microsoft's cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. The tactic was observed by McAfee's Mobile Research Team, a ...

Ars Technica7mon

Backdoor infecting VPNs used “magic packets” for stealth and security

When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders. One countermeasure is ...

ZDNet3y

This new Linux malware has a sneaky way of staying hidden

A newly discovered stealthy piece of Linux malware called Syslogk delivers a backdoor that remains hidden on the targeted machine until its controller, from anywhere on the internet, transmits ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results