Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Safemode rootkit & DRM SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Safemode rootkit & DRM
A news fwiw, there is a great analysis and commentary on a  rootkit made to run in safemode today at Mark's Sysinternals Blog today. Thanks very much for the great rootkit detection work and writing Mark!

F-Secure is also covering this in their blog.
Patrick

193 Posts

Sign Up for Free or Log In to start participating in the conversation!