So in between playing whack-a-mole with ecard.exe urls and trying to figure out which BlackHat talk you're going to now that The Brothers Kumar have backed out of their talk on bypassing TPM (BTW, these guys are kinda tipping the shady-meter, no?), you're looking for something interesting to read.
Try http://www.securls.com/
And since I mentioned ecard, here's a write-up on some other oft-repacked malware that won't go away. Lyberty Miller does a nice job of pointing out practical countermeasures, something researchers don't always do.
Also, more ecard. Guess what I'm neck-deep in today. It's all new since the weekend!
Hello Mr. Melson - Thanks for the nice mention. Good to hear my post turned out to be at least potentially helpful to some other folks. Also nice because your mention made your site pop up in my "news watch", thereby leading to your interesting blog. Kudos. Good to know there are folks like you out there fighting the good fight. Best Regards, Lyberty
ReplyDelete