"The proof-of-concept, dubbed Shadow Walker, is a modification of Butler's FU rootkit, a kernel-level program capable of hiding processes and elevating process privileges. The rootkit uses DKOM (Direct Kernel Object Manipulation) to fake out the Windows Event Viewer to make forensics virtually impossible and can also hide device drivers ..."
"... anti-virus scanners must 'completely revamp' existing rootkit detection technologies"
Thursday, July 28, 2005
Shadow Walker Root Kit Eats Anti-Virus for Breakfast | Threadwatch.org: