techniques

This paper presents a detailed catalog of techniques that can be used to create local kernel-mode backdoors on Windows. These techniques include function trampolines, descriptor table hooks, model-specific register hooks, page table modifications, as well as others that have not previously been described. The majority of these techniques have been publicly known far in advance of this paper. However, at the time of this writing, there appears to be no detailed single point of reference for many of them.
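The first technique in that list, the function trampoline, is also the one a defender can check for most directly: a backdoored function starts with an unconditional transfer to code that does not belong to the module that owns the function. The following is an added example written for this listing, not code from the paper or its authors. It decodes the common trampoline encodings at a function's entry point, resolves the diversion target, and reports whether that target lies outside the owning module's address range. The function names, addresses and code bytes are constructed for illustration; in practice the bytes would be read from the running kernel or from a memory image.

```python
"""Recognise inline function trampolines at a function's entry point.

Added example, not from the paper. Only the first instruction(s) are
inspected, so a patch placed deeper in the body, or a hook in a
descriptor table or import table, is out of scope for this check.
"""
import struct

MASK64 = (1 << 64) - 1


def decode_trampoline(code, func_addr):
    """Return (form, target) if `code` opens with a trampoline, else None.

    Recognised encodings (x86 / x64):
      E9 rel32            jmp rel32           target = next_ip + rel32
      68 imm32 C3         push imm32 ; ret    target = imm32 (32-bit only)
      48 B8 imm64 FF E0   mov rax, imm64 ; jmp rax
      B8 imm32 FF E0      mov eax, imm32 ; jmp eax
    """
    if len(code) >= 5 and code[0] == 0xE9:
        rel = struct.unpack_from("<i", code, 1)[0]
        return ("jmp rel32", (func_addr + 5 + rel) & MASK64)
    if len(code) >= 6 and code[0] == 0x68 and code[5] == 0xC3:
        return ("push/ret", struct.unpack_from("<I", code, 1)[0])
    if len(code) >= 12 and code[:2] == b"\x48\xB8" and code[10:12] == b"\xFF\xE0":
        return ("mov rax/jmp rax", struct.unpack_from("<Q", code, 2)[0])
    if len(code) >= 7 and code[0] == 0xB8 and code[5:7] == b"\xFF\xE0":
        return ("mov eax/jmp eax", struct.unpack_from("<I", code, 1)[0])
    return None


def check_function(name, code, func_addr, module_range):
    """Classify one function.  A jump that stays inside the owning module
    (hot-patch thunk, tail call) is reported but not flagged; only a
    transfer out of the module is treated as a diversion."""
    lo, hi = module_range
    hit = decode_trampoline(code, func_addr)
    if hit is None:
        return {"function": name, "trampoline": None, "diverted": False}
    form, target = hit
    return {
        "function": name,
        "trampoline": form,
        "target": target,
        "diverted": not (lo <= target < hi),
    }


# Constructed sample: a module mapped at [0x7FF800000000, 0x7FF800100000)
# and three functions inside it.  The hooked one jumps to 0x7FF810000000,
# which is outside that range (rel32 = 0x0FFFEFFB from 0x7FF800001005).
MODULE_RANGE = (0x7FF800000000, 0x7FF800100000)
SAMPLE_FUNCTIONS = [
    # normal x64 syscall stub: mov r10, rcx ; mov eax, 0x55 ; syscall ; ret
    ("NtCreateFile", 0x7FF800001000,
     b"\x4C\x8B\xD1\xB8\x55\x00\x00\x00\x0F\x05\xC3"),
    # jmp rel32 to 0x7FF810000000, outside the module
    ("NtOpenProcess", 0x7FF800001000,
     b"\xE9\xFB\xEF\xFF\x0F\x90\x90\x90\x90\x90\x90"),
    # jmp rel32 +0x100, an intra-module thunk, not a diversion
    ("NtClose", 0x7FF800001000,
     b"\xE9\x00\x01\x00\x00\x90\x90\x90\x90\x90\x90"),
]


def scan(functions=SAMPLE_FUNCTIONS, module_range=MODULE_RANGE):
    """Return the check result for every (name, address, bytes) triple."""
    return [check_function(n, c, a, module_range) for n, a, c in functions]


if __name__ == "__main__":
    for result in scan():
        flag = "DIVERTED" if result["diverted"] else "ok"
        print(f"{result['function']:<14} {flag:<9} {result['trampoline']}")
```

The module-range test is what keeps the check usable on real binaries: compilers and hot-patching both emit functions that begin with an in-module jump, so flagging every leading `jmp` produces noise, while a transfer into memory no loaded module accounts for is the signal worth escalating.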
An Oregon woman whose lawsuit against the Recording Industry Association of America (RIAA) was thrown out by a federal judge last month plans to file an amended complaint Friday in a move that could finally force the industry group to share details about its controversial techniques for investigating alleged file sharers.
Malware authors often use their own protections or packers to prevent automated unpacking of their executables. This is an attempt to delay development of antivirus (AV) signatures or in-depth behavioral analysis. Scramblers, tools designed to modify the packed binary to help throw off signature-based scanners, are often used as well. In fact, a public protector called [MSLRH] not only packs the executable and protects it using anti-debug, anti-dump, and stolen-byte mechanisms, but
Why use spam in pump and dump scams when a botnet can spread potent misinformation? Market watchers are trying to unravel how a six-year-old story suddenly rose to prominence, hammering the share price of United Airlines earlier this week.…