Wednesday, March 05, 2008

MBR Rootkit and Other Interesting Toys

F-Secure describes a new rootkit that replaces the MBR (master boot record) on Windows systems. This allows the malware to load before the operating system does. Game over! The malware seems to be targeting banking software because that's where the money is. The rootkit was also professionally written.

Cult of the Dead Cow released their Goolag scanner last week. I haven't played with it personally. It sounds and looks neat, but I can't afford to download CDC software and hope that they didn't install a backdoor or some such. Perhaps later when I have a virtual XP machine reconfigured.

Core Security found a way for a VMware guest operating system to break out to the host through the folder shared between the host OS and the guest OS. Oops! It appears VMware has known about it for a while now. Never a dull day in IT Security.


