Hunting for OS X Rootkits in Memory

  • Thursday, February 27, 2014 | 10:40 AM – 11:40 AM | West | Room: 3022
View all Sessions

The OS X Kernel has been increasingly targeted by malicious players due to the shrinking attack surface. This presentation will include demonstrations and discuss attacks, such as function inlining, shadow syscall tables and DTrace hooks and their detection in memory with the Volatility Framework.

Participants

This document was retrieved from http://www.rsaconference.com/events/us14/agenda/sessions/1031/hunting-for-os-x-rootkits-in-memory on Fri, 25 Jul 2014 23:06:48 -0400.
© 2014 EMC Corporation. All rights reserved.