Nov. 14, 2023, 4:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Executive Summary


The Black Lotus Labs team has discovered a highly unique piece of malware designed to compromise the security of the extended Berkeley Packet Filter (eBPF) functionality in the Linux kernel of container-based operating systems, like CoreOS. eBPF is a programmable framework that allows users to run code within the kernel of Linux systems, without having to write a kernel-specific module. Named “Elevator” by the malware author, it was created to escape the security restrictions of containers and allow …

