By Alex Groce, Northern Arizona University
Improving static analysis tools can be hard; once you’ve implemented a good tool based on a useful representation of a program and added a large number of rules to detect problems, how do you further enhance the tool’s bug-finding power?
One (necessary) approach to coming up with new rules and engine upgrades for st
Publish At:
2022-08-17 11:43 |
Read:112 | Comments:0 |
Tags:
Uncategorized
By Josselin Feist, Principal Security Engineer
Finding talent is hard, especially in the blockchain security industry. The space is new, so you won’t find engineers with decades of experience with smart contracts. Training is difficult, as the technology evolves constantly, and online content quickly becomes outdated. There are also a lot of misconceptions a
Publish At:
2022-08-12 11:19 |
Read:184 | Comments:0 |
Tags:
Uncategorized
Max Groot & Ruud van Luijk
TL;DR
A recently uncovered malware sample dubbed ‘Saitama’ was uncovered by security firm Malwarebytes in a weaponized document, possibly targeted towards the Jordan government. This Saitama implant uses DNS as its sole Command and Control channel and utilizes long sleep times and (sub)domain randomization to evade detect
Publish At:
2022-08-11 16:05 |
Read:188 | Comments:0 |
Tags:
Uncategorized
It’s never been harder to be a chief information security officer (CISO). In 2021, there were 50% more attacks each week compared to 2020. Without a plan, maintaining a robust security posture is an uphill struggle.
Thankfully, the National Institute of Standards and Technology (NIST) offers CISOs the guidance they need. Read on to learn more ab
By Troy Sargent, Blockchain Security Engineer
You think you’ve found a critical bug in a Solidity smart contract that, if exploited, could drain a widely used cryptocurrency exchange’s funds. To confirm that it’s really a bug, you need to figure out the value at an obscure storage slot that has no getter method. Adrenaline courses through your body, followed
Publish At:
2022-07-28 11:18 |
Read:491 | Comments:0 |
Tags:
Uncategorized
By Evan Sultanik, Principal Security Engineer
A couple of years ago we released PolyFile: a utility to identify and map the semantic structure of files, including polyglots, chimeras, and schizophrenic files. It’s a bit like file, binwalk, and Kaitai Struct all rolled into one. PolyFile initially used the TRiD definition database for file identification. How
Publish At:
2022-07-01 07:20 |
Read:465 | Comments:0 |
Tags:
Uncategorized
Authored by Alberto Segura (main author) and Rolf Govers (co-author)
Summary
Flubot is an Android based malware that has been distributed in the past 1.5 years inEurope, Asia and Oceania affecting thousands of devices of mostly unsuspecting victims.Like the majority of Android banking malware, Flubot abuses Accessibility Permissions and Services in ord
COPENHAGEN, June 20th, 2022 – Heimdal™ Security (HEIMDAL) announced a new addition to its executive team. Following a period of significant growth, the company has landed Mark Wrighton as Chief Revenue Officer. Mark will lead the sales, success, and support teams to foster deeper relationships with customers, as Heimdal™ continues its upmarket trajectory.The
What TrickBot tells us about the future of malware Malware attackers are increasingly sophisticated. Here’s what to know On TrickBot and the future of malware
Malware threats have plagued organizations for decades, but that’s no reason to be complacent with a security strategy that has to date protected yo
Publish At:
2022-06-07 22:24 |
Read:998 | Comments:0 |
Tags:
Uncategorized
By Francesco Bertolaccini
Rellic is a framework for analyzing and decompiling LLVM modules into C code, implementing the concepts described in the original paper presenting the Dream decompiler and its successor, Dream++. It recently made an appearance on this blog when I presented rellic-headergen, a tool for extracting debug metadata from LLVM modules and
Publish At:
2022-05-17 08:27 |
Read:1154 | Comments:0 |
Tags:
Uncategorized
Authored by: Nikolaos Totosis, Nikolaos Pantazopoulos and Mike Stokkel
Executive summary
BUMBLEBEE is a new malicious loader that is being used by several threat actors and has been observed to download different malicious samples. The key points are:
BUMBLEBEE is statically linked with the open-source libraries OpenSSL 1.1.0f, Boost (version 1.68).
By Christian Presa Schnell
During my winternship, I used the findings from recent Go audits to make several improvements to go-fuzz, a coverage-based fuzzer for projects written in Go. I focused on three enhancements to improve the effectiveness of Go fuzzing campaigns and provide a better experience for users. I contributed to fixing type alias issues, inte
Publish At:
2022-04-26 08:18 |
Read:1052 | Comments:0 |
Tags:
Uncategorized
p>By Jim Miller
In part 1 of this blog post, we disclosed critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems. This class of vulnerability, which we dubbed Frozen Heart, is caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statem
p>By Jim Miller
In part 1 of this series, we disclosed critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems. This class of vulnerability, which we dubbed Frozen Heart, is caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statement
p>By Jim Miller
In part 1 of this series, we disclosed critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems. This class of vulnerability, which we dubbed Frozen Heart, is caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statemen
Announce
Share high-quality web security related articles with you:)