Olmasco bootkit: next circle of TDL4 evolution (or not?)
Analysis of the Olmasco bootkit: a TDL4 variation with an interesting approach to dropper technology
boot sector malware
A white paper: Windows 8’s Security Features
[NOTE: For the latest information about compatibility between ESET’s software and Windows 8, please see the following blog post: W8ing for V6: What ESET has in store for Windows 8 Users. (10/23/2012, 4:15PM)] Windows 8 will be available to the public in three weeks, and interest in the latest version of Microsoft’s flagship operating system
Rovnix bootkit framework updated
Changes in the threatscape as regards exploitation of 64-bit systems, exemplified by the latest modifications to the Rovnix bootkit.
Rovnix Reloaded: new step of evolution
ESET is seeing a new step of evolution for the Rovnix bootkit family.
The co‑evolution of TDL4 to bypass the Windows OS Loader patch (KB2506014 )
Our colleagues Aleksandr Matrosov and Eugene Rodionov are tracking the evolution of TDL4 (also known as Win32/Olmarik). The following is a report on the latest TDL4 update, released last week. In our previous blog post, we described how the latest Microsoft Security Update modified the Windows OS loader (winloader.exe) to fix a vulnerability that allowed