I think it would be a good idea to compile a list of the malware that can defeat *any*
memory forensics acquisition tool as of January 2013.
Of course the tool should be identified, the technique used to defeat it, and the current
malware that has the capability. Not all tools would be vulnerable to each technique.
Does anyone think this is not a good idea?
Best,
Mike