Analysis of the Olmasco bootkit: a TDL4 variation with an interesting approach to dropper technology
Alexandr Matrosov summarizes the evolution of complex threats using hidden storage, as discussed in his presentation with Eugene Rodionov at Virus Bulletin 2012.
Detailed analysis of Rovnix.D reveal updates to the code injection technique employed, allowing multiple injections with a variety of payloads.
Changes in the threatscape as regards exploitation of 64-bit systems, exemplified by the latest modifications to the Rovnix bootkit.
ESET is seeing a new step of evolution for the Rovnix bootkit family.