ZDNet Resources
- Let users virtualize Vista because hypervisor rootkits are no threat
- Ryan Naraine is on vacation. Guest editorial by Thomas Ptacek. Several weeks ago, reports surfaced that the threat of super-sophisticated "hypervisor malware" was preventing Microsoft from allowing their Windows Vista Home Edition operating system from running within virtualization software. Now, Microsoft may have a lot of good reasons for restricting...
- Blog posts 2007-07-05
- Blue Pill hacker challenge update: It's a no-go
- A quick update to the challenge handed down to hacker Joanna Rutkowska to prove that her Blue Pill technology creates "100% undetectable malware." Rutkowska says she is "ready to accept" the challenge but wants her two-person team to be paid $384,000 ($200 a day each for two people working full-time for...
- Blog posts 2007-06-29
- Rutkowska faces '100% undetectable malware' challenge
- At last year's Black Hat security conference, stealth malware researcher Joanna Rutkowska caused a stir with the introduction of Blue Pill, a new technology she claims can create malware that remains "100 percent undetectable." This year, a group of her peers will challenge Rutkowska to prove it, arguing that a...
- Blog posts 2007-06-27
- Rutkowska launches Invisible Things Labs startup
- Polish hacker Joanna Rutkowska has branched out on her own, launching a new security services startup called Invisible Things Labs. Rutkowska, an elite hacker who specializes in offensive rootkit research, said the new company will focus mainly on operating system security -- system compromises, stealth malware, anti-virus and HIPS...
- Blog posts 2007-05-15
- Hardware-based rootkit detection proven unreliable
- For years, we've been convinced by companies like Komoku and BBN Technologies that hardware-based RAM acquisition is the most reliable and secure way to sniff out the presence of a sophisticated rootkit on a compromised machine. Not so fast, says Joanna Rutkowska, a security researcher at COSEINC Malware Labs....
- Blog posts 2007-03-02
- What the UAC 'hole' is really about
- Fellow blogger Ryan Naraine had a blog "Hacker, Microsoft duke it out over Vista design flaw" where he reported on a disagreement between elite researcher Joanna Rutkowska (Singapore-based Coseinc) and elite programmer Mark Russinovich (formerly Sysinternals and acquired by Microsoft). I've spoken with both of these people and...
- Blog posts 2007-02-14
- Hacker, Microsoft duke it out over Vista design flaw
- Joanna Rutkowska has always been a big supporter of the Windows Vista security model. Until she stumbled upon a "very severe hole" in the design of UAC (User Account Control) and found out -- from Microsoft officials -- that the default no-admin setting isn't even a security mechanism anymore....
- Blog posts 2007-02-13
- Detecting the Blue Pill Hypervisor rootkit is possible but not trivial
- There has been much skepticism over the claim that Blue Pill (the first effective Hypervisor rootkit) is 100% undetectable, and I myself was very skeptical of Blue Pill when I first read about it. I had an extensive email conversation with Joanna Rutkowska (of Singapore-based COSEINC) weeks before her...
- Blog posts 2006-08-17
- Impact of Vista x64 signed driver requirement bypass
- At DEFCON 2006, I had a chance to sit down with Joanna Rutkowska who is a researcher from Poland working for Singapore-based Coseinc. Rutkowska had presented two security presentations at Black Hat 2006 (occurred right before DEFCON 2006). The first presentation detailed a way of bypassing Vista x64...
- Blog posts 2006-08-11
- Hackers at Black Hat rise to Microsoft's challenge to break Vista's security (and succeed)
- Looks like Microsoft has more work to do on Vista's security. According to InfoWorld: After security researcher Joanna Rutkowska demonstrated Thursday how it's possible to circumvent security in Microsoft's Vista beta software and install a rootkit called Blue Pill, Microsoft said it intends to find ways to stop both potential threats...
- Blog posts 2006-08-04
Additional Resources
- 'Evil Maid' USB stick attack keylogs TrueCrypt passphrases
- nonsense anybody who is truly concerned about security will have set the BIOS to require a password at boot...and will set 'boot from USB' to 'Disabled'. Can't you password protect from even booting up? I assume we are talking about business class laptops. Interesting Physical security is paramount - especially when it comes to data...
- Discussion threads 2009-10-19
- 'Evil Maid' USB stick attack keylogs TrueCrypt passphrases
- Security researcher Joanna Rutkowska has released a PoC (proof of concept) of a keylogger that is capable of logging TrueCrypt's disk encryption passphrase, enabling the attacker to successfully decrypt the hard drive's content. Dubbed, the 'evil maid' attack due to its 'plug-and-exploit' functionality requiring 1-2 minutes for...
- Blog posts 2009-10-19
- Intel ships BIOS fix for Rutkowska's Black Hat flaw
- Intel has shipped a BIOS update with a fix for a privilege escalation vulnerability that was used by rootkit researcher Joanna Rutkowska to bluepill the Xen hypervisor. The vulnerability was discussed by Rutkowska at the Black Hat briefings earlier this month but details on the exploit were...
- Blog posts 2008-08-27
- Black Hat Las Vegas Day 2
- Again, sorry for the late updates. Vegas is the kind of place that demands a lot of a person. Too many parties make it difficult to find time to blog on the conference. Pictures of the event are a bit sparse, due to consistently forgetting to bring my camera, but...
- Blog posts 2008-08-09
- Debating the most influential security folks list
- Debating the most influential security folks list No way... You really think any large company doesn't have cisco solutions as part of their security strategy? How could someone at cisco not be influential? Never been to SANS? Never been to NetOp? Never been to Usenix? Geez - someone outta get their out of the internet...
- Discussion threads 2008-02-13
- Is there a rootkit stashed in your boot record?
- Is there a rootkit stashed in your boot record? You mean Apple Macs aren't affected? Fascinating. This has been 'known about for some time', Windows 2K affected, XP is affected, Vista partially affected, Apple Mac NOT affected. Imagine that, yet another security drop off which only affects Microsoft Windows. Vista, the OS...
- Discussion threads 2008-01-09
- Is there a rootkit stashed in your boot record?
- The latest rootkit in the wild hides on your hard drive's boot sector and is starting to infect Windows PCs, according to security researchers. And the real kicker: The rootkit can't be detected by most antivirus applications. Symantec has been tracking the latest rootkit--Trojan.Mebroot--and...
- Blog posts 2008-01-09
- Microsoft hacker summit tackles security veil of virtualization
- The Fall edition of Microsoft's Blue Hat hacker summit will kick off next week with a heavy focus on piercing the security veil of virtualization and process isolation. At Blue Hat v6, scheduled for September 27-28 in Redmond, external security researchers and internal Microsoft software engineers...
- Blog posts 2007-09-21
- Can Microsoft ever stop kernel tampering in Vista?
- I was just going through the slides from Joanna Rutkowska's Black Hat talk (127-page .ppt file) and discovered that there's another unpatched driver flaw that exposes Windows Vista to kernel tampering. This flaw, in NVIDIA nTune, is similar to the recent ATI Technologies driver issue that provides...
- Blog posts 2007-08-21
- UPDATE: ATI driver flaw exposes Vista kernel to attackers
- See update below for official response from ATI. An unpatched flaw in an ATI driver was at the center of the mysterious Purple Pill proof-of-concept tool that exposed a way to maliciously tamper with the Windows Vista kernel. Purple Pill, a utility released by Alex Ionescu and yanked an hour later after...
- Blog posts 2007-08-09