Rooting Out Rootkits

You have deployed every security solution imaginable. You leverage defense in depth. You update and patch regularly. You have built a fortress with a moat. But deep below all your tools is a rootkit saying “everything is ok” while secretly monitoring everything the system is doing and silently extracting data. How can this happen?
What should really concern us is the growing presence of rootkits, also known as stealth malware, and the zero-day exploits used to deploy them. The current McAfee Labs Threat Report revealed that malware surpassed the company’s estimate of 75 million unique malware samples last year and that rootkits were a contributing factor to this rise.
A rootkit is a specific type of malware that gains privileged access to a system while actively hiding its presence from users and security tools. Rootkits typically provide a remote user access to all resources on the system on which the rootkit is installed. They often join the compromised system to other “rooted” systems as part of a larger botnet.
Rootkits are also hard to defeat because they are well disguised. Building a piece of code that can inject itself into the kernel space and maintain a low profile while sending out sensitive information takes a strong understanding of the operating system and how it deals with device drivers and memory. When a developer has this level of (continue reading…)
