Cyber Security Informer

Tips for Reverse-Engineering Malicious Code

Lenny Zeltser

SEPTEMBER 7, 2017

This cheat sheet outlines tips for reversing malicious Windows executables via static and dynamic code analysis with the help of a debugger and a disassembler. Overview of the Code Analysis Process. Identify strings and API calls that highlight the program’s suspicious or malicious capabilities.

Engineering

Engineering Malware Software Information Security

REMnux Tools List for Malware Analysis

Lenny Zeltser

OCTOBER 13, 2020

REMnux ® offers a curated collection of free tools for reverse-engineering or otherwise analyzing malicious software. For another perspective on the REMnux tools you can use for examining malicious software, see the one-page REMnux Usage Tips cheat sheet.

Malware

Malware Engineering Software Information Security

How You Can Start Learning Malware Analysis

Lenny Zeltser

JANUARY 6, 2021

Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. As someone who’s helped thousands of security professionals learn how to analyze malware at SANS Institute , I have a few tips for how you can get started.

Malware

Malware Software Engineering Information Security

Patch Tuesday, October 2021 Edition

Krebs on Security

OCTOBER 12, 2021

Lawrence Abrams of Bleeping Computer writes that the flaw could be used to steal data or install malware, and that soon after Apple patched the bug security researcher Saar Amar published a technical writeup and proof-of-concept exploit that was derived from reverse engineering Apple’s patch.

Engineering

Engineering Internet Internet Backups

Technical Analysis of DanaBot Obfuscation Techniques

Security Boulevard

DECEMBER 6, 2022

The malware is heavily obfuscated which makes it very difficult and time consuming to reverse engineer and analyze. Zscaler ThreatLabz has reverse engineered the various obfuscation techniques used by DanaBot and developed a set of tools using IDA Python scripts to assist with binary analysis. Technical Analysis.

Engineering

Engineering Malware Cryptocurrency Advertising

How Hackers Use Payloads to Take Over Your Machine

eSecurity Planet

NOVEMBER 18, 2021

A payload is a piece of code that executes when hackers exploit a vulnerability. key-loggers) to steal data and other malicious acts. One of the most common attacks is to send emails with an attached.pdf file containing a malicious payload that will install a backdoor. Payloads and Reverse TCP Shell.

Penetration Testing

Penetration Testing Social Engineering Software Wireless

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Security Affairs

SEPTEMBER 5, 2022

Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide. EvilProxy actors are using Reverse Proxy and Cookie Injection methods to bypass 2FA authentication – proxyfying victim’s session.

Phishing

Phishing Accountability Hacking Advertising

How to Get and Set Up a Free Windows VM for Malware Analysis

Lenny Zeltser

MARCH 2, 2019

Here are some of my favorite free Windows tools for examining malicious software in a lab: Behavioral analysis: Process Monitor , ProcDOT , Process Hacker , Wireshark Code analysis: PeStudio , IDA Freeware , x64dbg , Scylla. You can use this connection to update the OS to the latest patch level and install malware analysis tools.

Malware

Malware Software Engineering Antivirus

Ingenious Phishing Tactics in the Modern Scammer's Toolbox

SecureWorld News

OCTOBER 30, 2023

Morse code cloaking dubious materials In a clever move first spotted in February 2021, malicious actors used meaningful combinations of dots and dashes (known as Morse code) to obfuscate harmful URLs in a file attached to an email. The would-be victim then receives a notification over email asking them to respond to the comment.

Phishing

Phishing Scams Passwords Wireless

NEW TECH: ‘Network Traffic Analysis’ gets to ground truth about data moving inside the perimeter

The Last Watchdog

APRIL 11, 2019

It’s not as though legacy security vendors are asleep at the wheel; they’ve been applying machine learning and AI to the output of SIEMs, firewalls, intrusion detection and other traditional security products designed to filter and detect malicious traffic directed at, and coming through, the perimeter. Practicing restraint.

Digital transformation

Digital transformation Adware Technology Software

Pen Testing Toolkit: Tools & Antivirus Software Evasion Techniques

NopSec

AUGUST 2, 2017

Antivirus software is one of the oldest and the most ever present security control against malware and various types of malicious software. This blog post will explore how hackers evade a standard security control: antivirus software, and will give you tips on what to do should you become a victim. Junk code Polymorphic engine. <PRO>

Antivirus

Antivirus Software Penetration Testing Technology

Microsoft Patch Tuesday, June 2019 Edition

Krebs on Security

JUNE 12, 2019

The most dangerous of these include four flaws for which there is already exploit code available. There’s also a scary bug affecting all versions of Microsoft Office that can be triggered by a malicious link or attachment. And of course Adobe has its customary monthly security update for Flash Player. Qualys on Patch Tuesday.

Backups

Backups Malware Software Engineering

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Shortly after OpenSSL’s Heartbleed, Shellshock was discovered lurking in Bash code two-decades old. And modern fuzzers are not random, they’re guided so they dynamically work their way through the code, increasing their code coverage to find unknown vulnerabilities that can escape other software testing such as static analysis.

Software

Software Passwords Internet Internet

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Shortly after OpenSSL’s Heartbleed, Shellshock was discovered lurking in Bash code two-decades old. And modern fuzzers are not random, they’re guided so they dynamically work their way through the code, increasing their code coverage to find unknown vulnerabilities that can escape other software testing such as static analysis.

Software

Software Passwords Internet Internet

NFTs: The Newest Collectible

eSecurity Planet

APRIL 21, 2021

Top tips to prevent scamming include only validating transactions you are a party to and only interacting on the official platform channels. In March, a popular NFT marketplace, Nifty Gateway, was victim to an attack where malicious actors tried to access legitimate accounts. However, it’s also a reason to be cautious.

Cryptocurrency

Cryptocurrency Marketing Accountability Scams

Cyber Security Informer

Tips for Reverse-Engineering Malicious Code

REMnux Tools List for Malware Analysis

Trending Sources

How You Can Start Learning Malware Analysis

Patch Tuesday, October 2021 Edition

Technical Analysis of DanaBot Obfuscation Techniques

How Hackers Use Payloads to Take Over Your Machine

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

How to Get and Set Up a Free Windows VM for Malware Analysis

Ingenious Phishing Tactics in the Modern Scammer's Toolbox

NEW TECH: ‘Network Traffic Analysis’ gets to ground truth about data moving inside the perimeter

Pen Testing Toolkit: Tools & Antivirus Software Evasion Techniques

Microsoft Patch Tuesday, June 2019 Edition

The Hacker Mind: Shellshock

The Hacker Mind: Shellshock

NFTs: The Newest Collectible

Stay Connected