Trident: Improving Malware Detection with LLMs and Behavioral Features

Traditionally, machine learning methods for PE malware detection have relied on static features like byte histograms, string information, and PE header contents. One barrier to incorporating dynamic analysis features has been the semi-structured nature of sandbox behavior reports. We show that,...

HackerOne: Able to Create Testimonials for myself using Sandbox

The vulnerability allowed hackers to create and display self-authored testimonials on their public profiles. This was achieved by creating a sandbox program on HackerOne and inviting an alternate account. The alternate account could submit reports to the sandbox program, and the primary account,...

HackerOne: Lack warning label when receiving a letter

Summary: Hi team, When using the function ShareReportViaEmail the email is sent to the email address specified by the hacker.This email looks legitimate and comes from verification email addresses, leaving no doubt about it being replaced. This endpoint also applies to sandbox reports which makes...