National Cyber Warfare Foundation (NCWF)

BPFDoor and Symbiote: Advanced eBPF-Based Rootkits Target Linux Systems


2025-12-03 06:04:33
milo
Red Team (CNA)

Extended Berkeley Packet Filter (eBPF) is one of Linux’s most powerful kernel technologies, enabling users to load sandboxed programs directly into the kernel for network packet inspection and system call monitoring. Introduced in 2015 to modernize the 1992 BPF architecture, this capability has become a double-edged sword, providing unprecedented observability while simultaneously offering sophisticated attackers […]


The post BPFDoor and Symbiote: Advanced eBPF-Based Rootkits Target Linux Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/ebpf-based-rootkits/


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.