payloads | DataProtectionCenter.com

Rovnix.D: the code injection story

27

Jul

2012

ESET – In the one of my previous blog posts I described the bootkit functionality included in modifications found in new Rovnix.D samples (Rovnix bootkit framework updated), but further detailed analysis uncovered some interesting updates to the code injection technique employed. During the Rovnix.D code analysis process we found algorithms for multiple code injections with […]

Category General Written by ESET ThreatBlog 0 Comments

The Madi Campaign – Part I

17

Jul

2012

For almost a year, an ongoing campaign to infiltrate computer systems throughout the Middle East has targeted individuals across Iran, Israel, Afghanistan and others scattered across the globe. Together with our partner, Seculert, we?ve thoroughly investigated this operation and named it the ?Madi?, based on certain strings and handles used by the attackers. You can […]

Category General Written by Securelist / Blog 0 Comments

Multi-platform Backdoor with Intel OS X Binary

14

Jul

2012

Karmina wrote about a malware targeting multiple operating systems on Monday. The Mac OS X sample that time was a PowerPC binary. Yesterday, we received an Intel x86 version in our backend systems which appears to have been used in a similar type of attack. Nothing fancy. This time the sample uses the server 199.180.197.59, […]

Category General Written by F-Secure Antivirus Research Weblog 0 Comments

The Latest in IT Security

Posts Tagged ‘payloads’

Rovnix.D: the code injection story

Multi-platform Backdoor with Intel OS X Binary

Categories

Featured

Archives

Latest Comments

About Us

Contact Us