Sorry. If there's one thing I find even more irresistible than a good pun, it's a bad one. Lettuce get down to business.
My Russian colleagues Aleksandr Matrosov and Eugene Rodionov recently delivered a presentation on "Defeating x64: The Evolution of the TDL Rootkit" at Confidence 2011 in Krakow, which is now available on our white papers page. If you follow this blog regularly, you'll know that this is a topic on which they certainly know their onions, and on this occasion they discussed how they analysed the rootkit and its implications.
Just to whet your appetite, here's what was on the menu:
If the presentation is the appetiser, you'll love the main course we previously made available on the white papers page, a paper on The Evolution of TDL: Conquering x64. And there are also some related side dishes at http://resources.infosecinstute.com (they let me put my name on those, too, just to prove I'm earning my celery):
Sorry about the word salad.
David Harley CITP FBCS CISSP
ESET Senior Research Fellow