The problem with hunting for malware is that most currently available analysis tools tip off the attacker that you're doing it. But at next month's Black Hat conference, a researcher will release a tool that is harder to detect -- and harder to avoid -- than the malware analyzers currently on the market.
Paul Royal, principal researcher at botnet hunter Damballa Inc., will give a Black Hat presentation on Aug. 6 on a tool called Azure, which will be published as an open-source proof of concept, available for free to enterprises or vendors.
Azure is an external hardware tool that is based on Intel VT, a hardware-assisted means of virtualizing the PC. It allows the user to create the equivalent of an x86 processor-based machine that can be used to detect and analyze malware at the instruction level or at the Windows API level.
-------------------------------
Ohh, I am so ready for Vegas....