AlexSyScan13
AlexSyScan13
AlexSyScan13
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
What This Talk Is (Not) About<br />
■ A rootkit/malware persistence technique<br />
■ Hidden from the usual HIPS/AV callbacks and mechanisms<br />
■ Usable from kernel and user<br />
■ Require privileged user token -- not a ‘security vulnerability’