November 4, 2009, 10:36AM

Researchers Create Hypervisor Tool for Rootkits

Research between North Carolina State and Microsoft has garnered a way to better isolate and centralize kernels--up to 6,000 different kernel hooks--and has stopped nine rootkits. The tool is called HookSafe and runs on Ubuntu Linux 8.04 and uses hardware-based memory. At issue is whether other rootkit technology can bypass this tool, says one rootkit expert. The one hitch so far appears to be a 6 percent performance hit. Read the full article. [Dark Reading]

Comments

Post new comment

Today's Most Popular

Most Viewed

Threatpost Newsletter

Print
E-mail

Featured Slideshows

Securing Your Facebook

The All-Decade Interview Team

Take Our Poll

Listen to Latest Podcasts

Threatpost Content as You Like It


Become a fan on Facebook	Follow us on Twitter	Sign-up for our Newsletter

Featured White Paper

The 10 Questions You Must Ask Your Endpoint Security Vendor

Read this informative brief, prepared by Cascadia Labs, and learn how to ask the right questions to get the right answers when sourcing endpoint security vendors.
Download Now

provided by

Researchers Create Hypervisor Tool for Rootkits

Recommended Reads

Comments

Post new comment

Today's Most Popular

Threatpost Newsletter

Threatpost Newsletter

Featured Slideshows

Take Our Poll

Listen to Latest Podcasts

Threatpost Content as You Like It

Featured White Paper

The 10 Questions You Must Ask Your Endpoint Security Vendor