This paper covers: Evolution of payloads and rootkits, bypassing code integrity checks (Subverting KMCSP), attacking Windows Bootloader (Boot Process), modern bootkit details w(Win64/Olmarik & Win64/Rovnix overview and installation), and hat facilitates a bootkit attack vector.
- US
- About ESET
- Newsroom
- Press Releases
- Modern Bootkit Trends - Bypassing Kernel-Mode Signing Policy. Authors: Matrosov and Rodionov