“Smarter-than-you” security professional Joanna Rutkowska announced today on her blog that she has left her job with COSEINC to start her own security company. Congrats on taking the plunge. We wish you the best of luck!
Also, for those of you who will be attending Black Hat in Vegas this summer may be interested to know that Joanna and Alex Tereshkin will be teaching a course “Understanding Stealth Malware”.
The training will feature many previously unpublished techniques, implementation details, and of course lots of brand new code, developed especially for the training. The code will include sample rootkits similar to Deepdoor, Firewalk, Blue Pill and Delusion (but redesigned and rewritten from scratch) as well as some more exotic things, like e.g. anti-hardware-forensic attacks.
As the training will be focused on Windows platform and Vista x64 specifically, we will also present some new kernel attacks against latest Vista x64 builds. These attacks, of course, work on the fly and do not require system reboot and are not afraid of the TPM/Bitlocker protection. (Although they could also be used to bypass Vista DRM protection, this subject will not be discussed during the training).
I’m already signed up for David Litchfield’s course so I won’t be attending. But, if you want to have your brain melted down and watch as it leaks out your ears then this course will most likely do the trick.
[tags]Joanna Rutkowska, Malware, Rootkits, Stealth Malware, Bull Pill[/tags]