The Latest in IT Security

Posts Tagged ‘kernel mode’

Back at the beginning of May we posted preliminary information about the Win32/Rootkit.Avatar rootkit (Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication). One of the major questions not covered in that previous research was this: What payload and plugins does Avatar install onto infected machines? We continue our research and are still […]

The story of the mysterious malware detected by ESET as Win32/Rootkit.Avatar began in February 2013 when some adverts for this rootkit leaked from Russian cybercrime forums (http://pastebin.com/maPY7SS8). This information produced some heated discussions in the malware research community; however, a sample of the Avatar rootkit was not found and published until now. In this blog […]

Ramnit is one of the most prevalent threat families still active in the wild today. Two years ago, we talked about the infection method it uses in the Microsoft Malware Protection Center (MMPC) blog Little red Ramnit: My what big eyes you have, Grandma! by Scott Molenkamp. We are still keeping an eye on this […]

THURSDAY, MARCH 28, 2024