Award-winning news, views, and insight from the ESET security community TDL4 reloaded: Purple Haze all in my brain A new TDL4 sample includes novel privilege escalation mechanisms in the dropper and changes to the hidden storage system. Update: Mila's own blog on the topic is now available here. Other vendors may find the MD5 useful: A1B3E59AE17BA6F940AFAF86485E5907. However, Mila reports that d
Bootkit Threat Evolution in 2011 ESET researchers examine the evolution of bootkit threats targeting 64-bit Windows over 2011. The year 2011 could be referred to as a year of growth in complex threats. Over the course of this year we witnessed an increase in the number of threats targeting the Microsoft Windows 64-bit platform
64-bit versions of Microsoft Windows were considered resistant against kernel mode rootkits because of integrity checks performed by the system code. However, today there are examples of malware that use methods to bypass the security mechanisms implemented. This presentation focuses on issues of x64 architecture security, specifically in the signature policies for kernel mode code and the techniques used
Criminals who operate large groupings of hacked PCs tend to be a secretive lot, and jealously guard their assets against hijacking by other crooks. But one of the world’s largest and most sophisticated botnets is openly renting its infected PCs to any and all comers, and has even created a Firefox add-on to assist customers. The TDSS botnet is the most sophisticated threat today, according to expe
TDL3 and ZeroAccess: More of the Same? by Blog Staff | Aug 8, 2011 | Industry Intel, Threat Lab By Marco Giuliani In our previous technical analysis of the ZeroAccess rootkit, we highlighted how it acts as a framework by infecting the machine — setting up its own private space in the disk, first through a dedicated file system on the disk, and more recently by using a hidden
After some months since the last blog post about the TDL rootkit, we have to come back and write again about this nasty threat that is targeting both 32 bit and 64 bit versions of the Windows operating system, successfully bypassing all the security countermeasures implemented in the 64 bit version of Windows that should prevent the loading of unsigned drivers and every kind of patch to the Window