Blackout: What Really Happened... presented at Black Hat USA 2007

by Kris Kendall

Tags: Security Forensics

Summary: Malicious software authors use code
injection techniques to avoid detection, bypass host-level security
controls, thwart the efforts of human analysts, and make traditional
memory forensics ineffective. Often a forensic examiner or incident
response analyst may not know the weaknesses of the tools they are using
or the advantage the attacker has over those tools by hiding in certain