Malware News
12.8K subscribers
1.63K photos
7 videos
130 files
7.78K links
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...

Partner channel: @cveNotify

For ads: https://telega.io/c/malwr
🐜 CVE-2022-24942 Heap-based buffer overflow in Silicon Labs Gecko SDK (found via automated binary analysis 🖥️)
🗣attilaszia

Skimming the discovery section I saw a mention of a taint tracking module, curious about what other high-level concepts the zero-day analysis tool uses (if it's possible for you to share, I get that you have IP to protect).

Are there any e.g. whitepapers about how the system as a whole works? I'm somewhat knowledgeable about fuzzing and various approaches to that (basic coverage-guided mutation stuff, search-based, grammar-based, etc), curious if that general theory is what the dynamic analysis is based on or if there are other types of dynamic analysis I should go read up on.
👀captain_zavec

PRIS looks interesting; however, I wouldn't be comfortable uploading firmware blobs to the cloud for analysis by PRIS.
👀WindyDaysAreWindy

Just read your article about the log4j incident, really cool. Keep up the good work!
👀waitwatidonteven


🎖@malwr
How I created a botnet and evaded AV and endpoint detection with one repo
🗣bilbo_begones

Great tool to add too, and methods. Been thinking of making my own, but it's like making a puzzle in reverse.
👀drugged_programmer


🎖@malwr
Nice reading from 2020 on backdoored counterfeit Cisco equipment.
Credits @FSecure

https://labs.withsecure.com/content/dam/labs/docs/2020-07-the-fake-cisco.pdf

#backdoor #infosec #malware #cybersecurity
🗣0xor0ne


🎖@malwr
File Analysis Suite enables you to quickly and efficiently reduce information risk, analyze, optimize, and secure employee access to critical data. See how in @MicroFocusSec's new #DataProtection white paper: http://ms.spr.ly/60125enQj #DataSecurity #DataPrivacy #CyberResilience
🗣MicroFocus


🎖@malwr
Finding the right decompiler for Python bytecode can be a pain because there are so many.

I compiled this table to check the supported versions
🗣struppigel


🎖@malwr
👍1
If you want to know what it's like to be grilled as a forensic expert, watch this. From the Murdaugh trial today.
🗣MDCDF

Thanks. I hate it.
👀carandfreedomgeek2

Solid one. Another is the kid in Michigan for that shooting. Thanks for posting a link OP!
👀bigt252002

When does the expert testimony start?
👀FabsudNalteb


🎖@malwr
New video drop! In this video, we'll explore more #yara basics by looking into #ascii versus #wide char strings. We'll also talk string obfuscation and use the #xor modifier.

https://youtu.be/J9Qr8Vfe9_s
🗣jstrosch


🎖@malwr
Indirect Prompt Injection on Bing Chat : https://greshake.github.io/

New ways of breaking app-integrated LLMs : https://github.com/greshake/llm-security

Paper : https://arxiv.org/pdf/2302.12173.pdf
🗣binitamshah


🎖@malwr
Fortinet's James Slaughter writes about the MyDoom worm (also known as Novarg and Mimail) that was first discovered in 2004, but which continues to operate well beyond expectations, with fresh infections still occurring in the wild. https://www.fortinet.com/blog/threat-research/just-because-its-old-doesnt-mean-you-throw-it-away-including-malware
🗣virusbtn


🎖@malwr
Analysis of BlackLotus UEFI bootkit - Bypasses UEFI Secure Boot even on fully updated Windows 11 systems (It brings legit yet vulnerable binaries to the victim system to exploit CVE-2022-21894 & bypass UEFI Secure Boot) : https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/ credits @smolar_m
🗣binitamshah


🎖@malwr