August 4, 2021

The list of highest-rated books for Malware Analysts features “Rootkits and Bootkits”

Binarly Team

Today we are pleased to announce that the book "Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats" by Alex Matrosov, Eugene Rodionov and Sergey Bratus has been featured in the list of Highest-Rated Books for Malware Analysts Available on Amazon.

This book was released just in time for Black Hat and DEF CON Las Vegas 2019. In light of the recent supply chain attacks, the content of this book has become even more relevant to cybersecurity professionals.

Figure 1

The book rose to the challenge by covering all aspects of advanced malware analysis, from kernel deep-dives to bootloaders and emerging firmware threats. Readers appreciated how the authors addressed essential topics in reverse engineering and forensics for advanced malware threats, and rewarded it with high ratings. The IEEE Computer Society's Technical Committee and USENIX magazine gave stellar reviews to this book.

During the book planning phase, the authors decided to cover the evolution of threats below the runtime environment of the operating system. The chapters on UEFI firmware threats are featured in Part 2: BOOTKITS, where the authors discuss "Contemporary UEFI Bootkits" and "UEFI Firmware Vulnerabilities". Part 3: DEFENSE AND FORENSIC TECHNIQUES introduces firmware-related topics such as "How Secure Boot Works" and "BIOS/UEFI Forensics".

Figure 2

The Binarly Team recommends this book as a prerequisite for researchers who want to understand the complex topics surrounding firmware threats below the operating system.

“Follow in the footsteps of professionals with a record of discovering advanced malware.” — Rodrigo Rubira Branco

Furthermore, this book is accompanied by a collection of the threats it covers, for hands-on practice and further analysis. The authors are currently working on the second edition of the book, which will focus on emerging firmware and hardware threats.

Stay tuned!
