Threat Research

It’s what we do.

Two Days in Vegas: Black Hat in Brief

August 5, 2011 By Andrew Brandt

The Black Hat briefings, held Wednesday and Thursday this week, once again brought together some of the best and brightest in the security industry to share knowledge about novel attacks and better defenses…

New Tool Released: Kiss (or Kick) ZeroAccess Goodbye

August 3, 2011 By Andrew Brandt

There are fewer types of malware infections more frustrating and annoying than a rootkit with backdoor capabilities. Over the past couple of years, we’ve seen the emergence of this new, tough-to-fight infectious code,…

This Week: Black Hat Coverage

August 3, 2011 By Andrew Brandt

As I do every year, I’ve deliberately traveled to the most inhospitable climate zone in the continental US — that is, the city of Las Vegas — to attend the elite technical conference…

ZeroAccess Gets Another Update

July 19, 2011 By glhaldeman

By Marco Giuliani. Among the most infamous kernel mode rootkits in the wild, most of them have had a slowdown in their development cycle – TDL rootkit, MBR rootkit, Rustock are just some…

Free Anti-Popureb Tool Released

July 8, 2011 By Andrew Brandt

Last week, threat researcher and malware reverse-engineer Marco Giuliani wrote up a fairly technical description of a bootkit — a rootkit that infects the master boot record of the hard drive, making it…

ZeroAccess Rootkit Guards Itself with a Tripwire

July 8, 2011 By Marco Giuliani

By Marco Giuliani. The latest generation of a rapidly evolving family of kernel-mode rootkits called, variously, ZeroAccess or Max++, seems to get more powerful and effective with each new variant. The rootkit infects…