White Papers - Page 11 of 12 | ESET

Man, Myth, Malware and Multi-Scanning: (Harley, Canto) CFET 2011
April 02, 2012
This paper considers five key points: the existence of anti-forensic entities, the uses for multi-scanning, the misuse of public and private multiscanner facilities for pseudo-testing,…
Defeating x64: Modern Trends of Kernel-Mode Rootkits. Authors: Matrosov, Rodionov
March 02, 2012
The authors are malware researchers at ESET. This paper deals with: evolution of payloads and rootkits, bypassing code integrity checks, attacking Windows Bootloader, modern bootkit details…
Excerpts from Virus Bulletin Comparative Reviews August-December 2011
March 02, 2012
Requirement for a product to achieve VB100 certifications status are listed. Reactive and Proactive scores are given for: Windows Vista X64, ESET NOD32 Antivirus 4, Windows Server 2003, Windows 7…
Win32/Carberp: When You're in a Black Hole, Stop Digging
March 02, 2012
This paper includes a resources list and summarizes the rise in Carberp-related incidents and its links with the Black Hole exploit kit, as well as with the parallel development and evolution of…
Daze of Whine and Neuroses (But Testing is Fine). Authors: Harley, Bridwell
March 02, 2012
The paper asserts that AMTSO's importance lies in its ability to pool knowledge from the testing and security industries so that each learns from and restrains the other. It should be seen as an…
Modern Bootkit Trends - Bypassing Kernel-Mode Signing Policy. Authors: Matrosov and Rodionov
March 02, 2012
This paper covers: Evolution of payloads and rootkits, bypassing code integrity checks (Subverting KMCSP), attacking Windows Bootloader (Boot Process), modern bootkit details w(Win64/Olmarik &…

Other Resources

Webinars