Cisco buying Splunk
https://www.cnbc.com/2023/09/21/cisco-acquiring-splunk-for-157-a-share-in-cash.html
🗣Natural_Sherbert_391
🎖@malwr
CNBC
Cisco makes largest ever acquisition, buying cybersecurity company Splunk for $28 billion in cash
Cisco said it was acquiring cybersecurity software company Splunk for $157 a share in a cash deal worth about $28 billion.
reverse engineering nrf51 firmware
I recently managed to extract the firmware from an nrf51822 chip over SWD. The problem is, I am an absolute beginner to reverse engineering firmware, binwalk comes up blank, and other things I've tried, like firmware mod kit, have come up blank. I have also managed to open it in Ghidra, but it doesn't seem to be quite right. I have found this git repository (https://github.com/DigitalSecurity/nrf5x-tools) that can help with reversing, and the scripts seem to be correctly identifying the firmware binary as from an nrf51822, but for actually reversing the firmware the script requires IDA Pro's Python API, which is not at all viable given its price. Is there any way to do something similar in Ghidra or some other software?
🗣Matlex2
🎖@malwr
GitHub
GitHub - DigitalSecurity/nrf5x-tools: Nordic Semiconductor nRF5x series disassembly tools
Nordic Semiconductor nRF5x series disassembly tools - DigitalSecurity/nrf5x-tools
Binary Ninja 3.5 (Coruscant) released: mod/div deoptimization, UEFI support, auto variable naming, and more
🗣Psifertex
Coruscant? Uh, that doesn’t compute.
👤lannibal_hecter
Binary Ninja is god tier.
👤Soggy_Dingo_2767
🎖@malwr
Binary Ninja
Binary Ninja - 3.5: Expanded Universe
Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.
Reverse engineering natively-compiled .NET apps
🗣atomlib_com
Yeah
👤Other_Ad8905
No surprises here… I don’t think MS has come up with a way to handle runtime type instantiation on reflected/non-static types. Unity, with il2cpp, allows you to declare types, methods, classes, whatever in a config file so you ensure they are there even if they aren’t specified in the AST directly.
👤tnavda
🎖@malwr
Michal's low level corner
Reverse engineering natively-compiled .NET apps
Digging into internals of apps built with native AOT.
CVE-2023-36844 | PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series
🗣jnazario
🎖@malwr
AttackerKB
CVE-2023-36844 | AttackerKB
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cont…
Cryptomining malware detected on a Russian thesaurus with 5 Million+ monthly visits
🗣nareksays
🎖@malwr
Group-IB
It’s a trap: Detecting a cryptominer on a popular website using Group-IB MXDR
Group-IB analysts discovered and analyzed a cryptojacking campaign on a popular educational resource using Group-IB Managed XDR.
Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medical Records
🗣ziyahanalbeniz
🎖@malwr
SOCRadar® Cyber Intelligence Inc.
Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medical Records
In a regular threat and vulnerability hunting activity, SOCRadar has discovered during their research that thousands of DICOM servers were...
A Survey on Air-Gap Attacks: Fundamentals, Transport Means, Attack Scenarios and Challenges
🗣digicat
🎖@malwr
MDPI
A Survey on Air-Gap Attacks: Fundamentals, Transport Means, Attack Scenarios and Challenges
Major public institutions and organizations that handle sensitive data frequently enforce strong security policies by implementing network separation policies that segregate their internal work networks and internet network using air gaps to prevent the…
OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes - just released discussing operation from 2021 and 2022 against Israel by Iran
🗣digicat
🎖@malwr
Welivesecurity
OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes
ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022
The aggressor is using cyberattacks for informational special operations against Ukraine’s partners to undermine the support of our country
🗣digicat
🎖@malwr
cip.gov.ua
State Service of Special Communications and Information Protection of Ukraine
Website of the State Service of Special Communications and Information Protection of Ukraine
Microsoft Azure Sentinel: Adding TLPs (Traffic Light Patterns) to Incidents, Alerts and Analytics Rules
Basic and quick write up I did for a client. Figured might be useful for someone.
https://medium.com/@truvis.thornton/microsoft-azure-sentinel-adding-tlps-traffic-light-patterns-to-incidents-alerts-and-analytics-f05e0b2f171e
🗣thattechkitten
🎖@malwr
Medium
Microsoft Azure Sentinel: Adding TLPs (Traffic Light Protocol) to Incidents, Alerts and Analytics…
Just like we label documents, it would be nice to label incidents or rules with the TLP so people instantly know if something can or can’t…