TOPIC: I love this woman

I love this woman 7 years 4 months ago #31115

  • sose
Joanna Rutkowska is a Polish security specialist, primarily known for her research on stealth malware and contributions to Windows Vista backdoor installation and hiding techniques.

In August 2006, at the Black Hat Briefings conference in Las Vegas, Rutkowska presented system compromise techniques that could be used on Windows Vista systems, and has subsequently been named one of Five Hackers who Put a Mark on 2006 by eWeek Magazine for her research on the topic [1].

In the first part of the presentation, Rutkowska discussed how to bypass Vista kernel protection, demonstrating how to load unsigned code into the Vista kernel. The second part of the presentation introduced a technique dubbed Blue Pill. It could be described as a rootkit technology, allowing potentially malicious code to covertly take control over the system through the use of CPU virtualization. This method, although presented and implemented on a Vista system, is OS-independent and does not exploit any weakness in the Vista system itself. The effectiveness of the latter approach, dubbed Blue Pill, is a subject of debate among some researchers.

At Black Hat Federal, in March 2007, Rutkowska demonstrated that certain types of hardware-based memory acquisition (e.g. FireWire based) are unreliable and can be defeated.

At the next Black Hat in Las Vegas, Rutkowska and Alexander Tereshkin presented research that:

  • Disclosed specific Vista driver vulnerabilities (and patterns of vulnerabilities) that again allowed the bypass of Vista kernel protection.
  • Released the source code to the New Blue Pill project, a ground-up rewrite of Blue Pill and the first published virtualized rootkit.
  • Discussed ways to avoid the detection of virtualization-based rootkits.
  • Critiqued detection approaches presented by other researchers, noting that "blue pill detection" methods are generic VMM detectors, incapable of distinguishing between malicious and non-malicious hypervisors.
  • Presented the first working proof of concept of "nested virtualization", allowing other hardware-based hypervisors as guests of the Blue Pill's hypervisor. The published code only allowed the running of simple hypervisors as a guest, e.g. the Blue Pill hypervisor itself as a guest of another Blue Pill hypervisor.

In April 2007 Rutkowska founded Invisible Things Lab in Warsaw, Poland. The company focuses on OS and VMM security research and provides various consulting services.


photos.hackinthebox.org/albums/hitb2006-...a_and_Paul_Boehm.jpg
sose
Network Engineer
analysethis.co/index.php/forum/index