Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Portfolio Management Maturity Model at Chevron - Presentation & Discussion
November 13, 11:30 AM - 12:30 PM ET (GMT-4)
The fundamental goal of the model is to help IT become a business partner and earn a seat at the table. Core to the model is to establish a five year IT strategic road map that is owned by the business. Presenter Janinne Franke is manager of strategy, planning & optimization at Chevron's corporate department & services. She will share processes and lessons learned from developing and implementing the model.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
May 09, 2008 — IDG News Service —
Security researchers have developed a new type of malicious rootkit software that hides itself in an obscure part of a computer's microprocessor, hidden from current antivirus products.
Called a System Management Mode (SMM) rootkit, the software runs in a protected part of a computer's memory that can be locked and rendered invisible to the operating system, but which can give attackers a picture of what's happening in a computer's memory.
The SMM rootkit comes with keylogging and communications software and could be used to steal sensitive information from a victim's computer. It was built by Shawn Embleton and Sherri Sparks, who run an Oviedo, Florida, security company called Clear Hat Consulting.
The proof-of-concept software will be demonstrated publicly for the first time at the Black Hat security conference in Las Vegas this August.
The rootkits used by cyber crooks today are sneaky programs designed to cover up their tracks while they run in order to avoid detection. Rootkits hit the mainstream in late 2005 when Sony BMG Music used rootkit techniques to hide its copy protection software. The music company was ultimately forced to recall millions of CDs amid the ensuing scandal.
In recent years, however, researchers have been looking at ways to run rootkits outside of the operating system, where they are much harder to detect. For example, two years ago researcher Joanna Rutkowska introduced a rootkit called Blue Pill, which used AMD's chip-level virtualization technology to hide itself. She said the technology could eventually be used to create "100 percent undetectable malware."
"Rootkits are going more and more toward the hardware," said Sparks, who wrote another rootkit three years ago called Shadow Walker. "The deeper into the system you go, the more power you have and the harder it is to detect you."
Blue Pill took advantage of new virtualization technologies that are now being added to microprocessors, but the SMM rootkit uses a feature that has been around for much longer and can be found in many more machines. SMM dates back to Intel's 386 processors, where it was added as a way to help hardware vendors fix bugs in their products using software. The technology is also used to help manage the computer's power management, taking it into sleep mode, for example.
In many ways, an SMM rootkit, running in a locked part of memory, would be more difficult to detect than Blue Pill, said John Heasman, director of research with NGS Software, a security consulting firm. "An SMM rootkit has major ramifications for things like [antivirus software products]," he said. "They will be blind to it."
Best Practices for Providing Secure and Cost-Effective Remote Access
They Can't Steal What You Don't Have: Smart Security Choices for Mobile Workers
Transform While Perform"
CIO Magazine Advertorial Series
The Three Pillars of Data Protection
The Case for A Specialized Security Platform
Building Competitive Advantage with Next-Generation Wireless Infrastructure
The New "Black Art." Learn why few companies do DNS well. Why fewer can scale it.
Advanced DNS and Traffic Management Solutions: The Keys to Enhancing and Securing your Enterprise Network
The Power of Telepresence
Virtualization in Action: Stories of real businesses that Virtualized their IT environments
The Power of Data Deduplication
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Google in Curious Alliance with Click-Fraud Detection Firm
Kernel Developers, Wall Street to Come Together
Ellison Strikes Bullish Tone At Shareholder Meeting
Yahoo Investor Proposal Unlikely to Push Microsoft
Ugandans Comment on 10 Years of ICT Regulation
Vodafone to Acquire 15 Percent More of Vodacom Group
Zoho Launches E-Mail App with Offline, Mobile Access
Mobile Penetration to Hit 95 Percent By 2013
UK Supermarket Uses IT to Cut Checkout Waits
Mobile Industry Split Over UMA Versus Femtocells
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
