Analysis of the Olmasco bootkit: a TDL4 variation with an interesting approach to dropper technology

Alexandr Matrosov summarizes the evolution of complex threats using hidden storage, as discussed in his presentation with Eugene Rodionov at Virus Bulletin 2012.

Changes in the threatscape as regards exploitation of 64-bit systems, exemplified by the latest modifications to the Rovnix bootkit.

Why the ZeroAccess rootkit family modifications are important to the end user.

ESET is seeing a new step of evolution for the Rovnix bootkit family.

A new TDL4 sample includes novel privilege escalation mechanisms in the dropper and changes to the hidden storage system.

ESET researchers have noticed a new phase in the evolution of the TDL4 botnet.

During the first half of 2011 we have witnessed a significant growth in malware targeting 64-bit platforms, the most interesting examples of which are bootkits.

…you can probably guess what I think about the idea of an undetectable virus…

I've stopped maintaining Stuxnet resource pages recently, but occasionally I come across an article that adds something useful to the mix, or simply summarizes aspects of the Stuxnet story neatly and accurately. Besides, its authors must be feeling a little left out with all that fuss about TDL4. ;-) A recent report in Wired gives