Common Information
Type | Value |
---|---|
Value | Rootkit |
Category | Attack-Pattern |
Type | Mitre-Ics-Techniques |
Misp Type | Cluster |
Description | Adversaries may deploy rootkits to hide the presence of programs, files, network connections, services, drivers, and other system components. Rootkits are programs that hide the existence of malware by intercepting and modifying operating-system API calls that supply system information. Rootkits or rootkit-enabling functionality may reside at the user or kernel level in the operating system, or lower. Firmware rootkits that affect the operating system yield nearly full control of the system. While firmware rootkits are normally developed for the main processing board, they can also be developed for I/O that can be attached to the asset. Compromise of this firmware allows the modification of all of the process variables and functions the module engages in. This may result in commands being disregarded and false information being fed to the main device. By tampering with device processes, an adversary may inhibit its expected response functions and possibly enable Impact. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2025-03-20 | 5 | MITRE ATT&CK T1562.006 Impair Defenses: Indicator Blocking | ||
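Details | Website | 2025-03-20 | 5 | Threat Actors Exploit Legacy Drivers to Bypass TLS Certificate Verification, Threatening Network Security - 安全KER - Security News Platform | ||
Details | Website | 2025-03-16 | 6 | Case of a Legacy Driver Exploitation Attack Through Bypassing Certificate Verification - ASEC | ||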
Details | Website | 2025-03-16 | 6 | Legacy Driver Exploitation Through Bypassing Certificate Verification - ASEC | ||
Details | Website | 2025-03-13 | 1 | New OBSCURE#BAT Exploit Windows Alters System Processes & Registry for Evasion | ||
Details | Website | 2025-03-12 | 48 | Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers | ||
Details | Website | 2025-03-12 | 148 | Fake GitHub Repositories Created with Artificial Intelligence Help Spread SmartLoader and LummaStealer - SEC-1275-1 | ||
Details | Website | 2025-03-12 | 23 | Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers | Google Cloud Blog | ||
Details | Website | 2025-03-11 | 12 | 5 Common Evasion Techniques in Malware - ANY.RUN's Cybersecurity Blog | ||
Details | Website | 2025-03-11 | 2 | What is Rootkit – Detection and Prevention | ||
Details | Website | 2025-03-10 | 17 | Stopping Sobolan Malware with Aqua Runtime Protection | ||
Details | Website | 2025-03-09 | 4 | Xeno-Zeronium Free Opensource Anti Malware & Anti Virus Apps For Android OS Gadget (Revision 2025) | ||
Details | Website | 2025-03-08 | 17 | Mastering Linux for Pentesting: Here Are the Commands You Must Know! | ||
Details | Website | 2025-03-08 | 24 | 100 LINUX COMMANDS FREQUENTLY USED BY PENTESTERS | ||
Details | Website | 2025-03-08 | 20 | 100 Linux Commands Used by Pentesters at Work | ||
Details | Website | 2025-03-06 | 8 | 100 Linux Commands You Must Know: The Pentester's Weapons in the Cyber World | ||
Details | Website | 2025-03-04 | 8 | BlackEnergy v2 Malware Analysis — Memory Dump Investigation | ||
Details | Website | 2025-03-03 | 8 | Walking the File System Like a Hacker | ||
Details | Website | 2025-03-03 | 2 | Top 10 Best Dynamic Malware Analysis Tools of 2025 - 安全牛 | ||
Details | Website | 2025-03-02 | 0 | Sandfly 5.3.1 - Video Overview | ||
Details | Website | 2025-03-02 | 1 | Malware [00] Unlocking the World of Malware Analysis | ||
Details | Website | 2025-03-01 | 0 | Day 106 — The World of Malware: A Deep Dive into Threats and Malware Analysts | ||
Details | Website | 2025-02-28 | 1 | Malware 101: Understanding Threats, Analysis Techniques, and Essential Tools | ||
Details | Website | 2025-02-28 | 1 | The 100 Linux Commands Most Used by Pentesters (Penetration Testers). | ||
Details | Website | 2025-02-28 | 0 | Unmasking Auto-Color: The Stealthy Linux Backdoor |