payload | DataProtectionCenter.com

Rovnix bootkit framework updated

14

Jul

2012

We have been tracking the activity of the Rovnix bootkit family since April 2011. Rovnix was the first bookit family to use VBR (Volume Boot Record) infection (NTFS bootstrap code) for loading unsigned kernel-mode drivers on x64 (64 bit) platforms. The reason for exploring further is the desire of the Rovnix developers to bypass antivirus […]

Category General Written by ESET ThreatBlog 0 Comments

Rising trend of using professional obfuscations for protecting Java samples

12

Jul

2012

Usage of commercial grade software protectors/cryptors/obfuscators is a very common trend in desktop malware landscape. They are mainly used to make the analyst’s life tough by adding extra layers of protection. Similarly, there have been quite a few open source obfuscators and professional obfuscators used in the malware families implemented in Java as well for […]

Category General Written by GLOBAL SECURITY ADVISOR RESEARCH BLOG 0 Comments

Backdoor.Korplug: Loading Malicious Components Through Trusted Applications

11

Jul

2012

Symantec is observing limited targeted attacks using a new backdoor Trojan, Backdoor.Korplug. This backdoor surfaced earlier this year in March 2012. In these attacks, the targets are sent a crafted email containing a malicious attachment, typically in the form of a password protected zip file containing a malicious executable or in the form of an […]

Category General Written by Symantec Security Response Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘payload’

Rovnix bootkit framework updated

Rising trend of using professional obfuscations for protecting Java samples

Backdoor.Korplug: Loading Malicious Components Through Trusted Applications

Categories

Featured

Archives

Latest Comments

About Us

Contact Us