
162 matches found

Rapid7 Blog
added 2021/05/19 6:9 p.m., 40 views

How to Implement Secure and Compliant IaC

Success lies in security. True separation of developer and security teams is becoming a thing of the past. Today’s cloud environments enable deployments at previously unheard-of speed and scale; there simply isn’t time to build infrastructure, then code, then hand it all off for security...

0.7 AI score
Exploits: 0
The Hacker News
added 2021/03/18 1:3 p.m., 65 views

How to Successfully Pursue a Career in Malware Analysis

Are you looking to become a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis. Did you know that new malware is released every seven seconds? As more and more systems become reliant on the internet, the proliferati...

0.1 AI score
Exploits: 0
FireEye
added 2021/01/20 12:0 a.m., 472 views

Emulation of Kernel Mode Rootkits With Speakeasy

In August 2020, we released a blog post about how the Speakeasy emulation framework can be used to emulate user mode malware such as shellcode. If you haven’t had a chance, give the post a read today. In addition to user mode emulation, Speakeasy also supports emulation of kernel mode Windows...

7.5 AI score
Exploits: 0, References: 2
Kitploit
added 2020/11/28 11:30 a.m., 69 views

Tracee - Container And System Event Tracing Using eBPF

Tracee is a lightweight and easy to use container and system tracing tool. It allows you to observe system calls and other system events in real-time. A unique feature of Tracee is that it will only trace newly created processes and containers that were started after Tracee has started, in order ...

6.8 AI score
Exploits: 0, References: 4
Kitploit
added 2020/11/25 11:30 a.m., 65 views

Wsb-Detect - Tool To Detect If You Are Running In Windows Sandbox ("WSB")

wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB"). The sandbox is used by Windows Defender for dynamic analysis, and commonly manually by security analysts and the like. At the tail end of 2019, Microsoft introduced a new feature named Windows Sandbox (WSB for short). The...

7.5 AI score
Exploits: 0, References: 1
FireEye
added 2020/08/26 12:0 a.m., 34 views

Emulation of Malicious Shellcode With Speakeasy

In order to enable emulation of malware samples at scale, we have developed the Speakeasy emulation framework. Speakeasy aims to make it as easy as possible for users who are not malware analysts to acquire triage reports in an automated way, as well as enabling reverse engineers to write custom...

0.7 AI score
Exploits: 0, References: 2
FireEye
added 2020/08/06 12:0 a.m., 22 views

Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach

The FireEye Front Line Applied Research & Expertise (FLARE) Team attempts to always stay on top of the most current and emerging threats. As a member of the FLARE Reverse Engineer team, I recently received a request to analyze a fairly new credential stealer identified as MassLogger. Despite the la...

0.1 AI score
Exploits: 0, References: 22
FireEye
added 2020/07/07 6:0 p.m., 21 views

Configuring a Windows Domain to Dynamically Analyze an Obfuscated Lateral Movement Tool

We recently encountered a large obfuscated malware sample that offered several interesting analysis challenges. It used virtualization that prevented us from producing a fully-deobfuscated memory dump for static analysis. Statically analyzing a large virtualized sample can take anywhere from...

Exploits: 0, References: 4
Microsoft Secure
added 2020/06/17 4:0 p.m., 30 views

UEFI scanner brings Microsoft Defender ATP protection to a new level

Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) is extending its protection capabilities to the firmware level with a new Unified Extensible Firmware Interface (UEFI) scanner. Hardware and firmware-level attacks have continued to rise in recent years, as modern security solutio...

0.3 AI score
Exploits: 0
CNVD
added 2020/06/09 12:0 a.m., 2 views

WhiteSource Software Application Vulnerability Management Injection Vulnerability

WhiteSource Software Application Vulnerability Management (AVM) is a suite of application vulnerability management platforms from WhiteSource Software. The platform is mainly used to view and synchronize the review of its static application security test results (SAST), dynamic application security...

7.5 CVSS, 6.7 AI score, 0.00995 EPSS
Exploits: 0, References: 1
GithubExploit
added 2020/06/07 3:3 p.m., 177 views

Exploit for Use After Free in Google Android

Android Kernel Vulnerability Overview In November 2017...

7.8 CVSS, 9 AI score, 0.72105 EPSS
Exploits: 27
CNVD
added 2020/04/08 12:0 a.m., 2 views

Unspecified Vulnerability in HCL Technologies AppScan Standard Edition

HCL Technologies AppScan Standard Edition is a suite of dynamic analysis testing tools from HCL Technologies, India, which is primarily used for web security testing. HCL Technologies AppScan Standard Edition suffers from an unspecified vulnerability that stems from an incorrect account lockout...

9.8 CVSS, 6.9 AI score, 0.01032 EPSS
Exploits: 0, References: 1
Talos Blog
added 2020/02/27 4:53 a.m., 67 views

New Research Paper: Prevalence and impact of low-entropy packing schemes in the malware ecosystem

Detection of malware is a constant battle between the technologies designed to detect and prevent malware and the authors creating them. One common technique adversaries leverage is packing binaries. Packing an executable is similar to applying compression or encryption and can inhibit the abilit...

7.1 AI score
Exploits: 0
Kitploit
added 2020/01/02 9:36 p.m., 95 views

XSpear v1.3 - Powerfull XSS Scanning And Parameter Analysis Tool

XSpear is an XSS scanner on Ruby gems. Key features: pattern-matching-based XSS scanning; detect alert/confirm/prompt events on a headless browser (with Selenium); testing request/response for XSS protection bypass and reflected (or all) params: Reflected Params, All params (for blind XSS, anything), Filtered test...

6.9 AI score
Exploits: 0, References: 5
Kitploit
added 2019/11/28 12:0 p.m., 157 views

ATFuzzer - Dynamic Analysis Of AT Interface For Android Smartphones

"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" is accepted to the 35th Annual Computer Security Applications Conference ACSAC 2019. https://relentless-warrior.github.io/wp-content/uploads/2019/11/atfuzz.pdf Abstract This paper focuses on checkin...

7.7 AI score
Exploits: 0, References: 3
Carbon Black Blog
added 2019/08/12 12:0 p.m., 95 views

Binee: Outsmarting Malware with Next-Generation Process Emulation

The Problem with Malware Analysis: Threat researchers get thousands of samples of malware every day and, as every researcher knows, it is very difficult to analyze them in a way that allows for intelligent decisions regarding whether a sample’s reputation is good or bad. There are already some qui...

1.1 AI score
Exploits: 0
CNVD
added 2019/07/03 12:0 a.m., 3 views

Tencent Habo HaboMalHunter Security Bypass Vulnerability

Tencent Habo is a malware sample analysis and identification platform from Tencent. HaboMalHunter is a malware analysis tool that relies on the Dynamic Analysis Module, Static Analysis Module, and Task Scheduling Framework in a deep sandbox to automate the analysis of malicious samples. A securit...

7.8 CVSS, 6.9 AI score, 0.00969 EPSS
Exploits: 1, References: 1
OSV
added 2019/07/01 2:15 p.m., 16 views

CVE-2019-13125

HaboMalHunter through 2.0.0.3 in Tencent Habo allows attackers to evade dynamic malware analysis via PIE compilation...

7.8 CVSS, 6.8 AI score
Exploits: 0, References: 1
Kitploit
added 2018/12/12 8:49 p.m., 77 views

Jackhammer - One Security Vulnerability Assessment/Management Tool To Solve All The Security Team Problems

One Security vulnerability assessment/management tool to solve all the security team problems. What is Jackhammer? Jackhammer is a collaboration tool built with an aim of bridging the gap between Security team vs dev team, QA team and being a facilitator for TPM to understand and track the qualit...

7.5 AI score
Exploits: 0, References: 10
The Hacker News
added 2018/12/05 10:58 a.m., 130 views

SNDBOX: AI-Powered Online Automated Malware Analysis Platform

Looking for an automated malware analysis software? Something like a 1-click solution that doesn't require any installation or configuration…a platform that can scale up your research time… technology that can provide data-driven explanations… well, your search is over! Israeli cybersecurity and...

7.7 AI score
Exploits: 0