Scarily Tenacious Rootkits, Stuxnet's Secrets and Cisco Flaws

The news this week revolved around complex and troublesome threats, notably two rootkits, TDL4 and ZeroAccess. Stuxnet reared its head once again as did a new problem with Cisco’s popular videoconferencing software. Read on for the full week in review.

In our most popular story of the week, we heard about TDL4, an evolved version of the TDSS/Alureon rootkit that’s managed to sneak its way past Windows’ normal security methods. Detected in Vista and Windows 7, TDL4 can bypass the systems’ driver-signing protection and infect the machine’s master boot record, making removal tricky. This is just the latest version of the rootkit - there's TDL1, TDL2, and so on. And the authors behind it are constantly tweaking it and adding features - a classic example of the kind of professional development shops that most malware operations have morphed into in recent years.

More: http://threatpost.com/en_us/blogs/week-security-scarily-tenacious-rootkits-stuxnets-secrets-and-cisco-flaws-111810