Experimental News Clipping Site

Tag: binary analysis

  • Hacker News: Grease: An Open-Source Tool for Uncovering Hidden Vulnerabilities in Binary Code

    by

    Kurt Seifried
    in

    Source URL: https://www.galois.com/articles/introducing-grease Source: Hacker News Title: Grease: An Open-Source Tool for Uncovering Hidden Vulnerabilities in Binary Code Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses GREASE, an open-source tool designed for binary analysis through under-constrained symbolic execution, aimed at enhancing system security by identifying vulnerabilities in binary code. It highlights…

  • Hacker News: MCP server for Ghidra

    by

    Kurt Seifried
    in

    Source URL: https://github.com/LaurieWired/GhidraMCP Source: Hacker News Title: MCP server for Ghidra Feedly Summary: Comments AI Summary and Description: Yes Summary: The text outlines the setup process for the ghidraMCP, a Model Context Protocol server designed to enhance large language models (LLMs) for application reverse engineering using Ghidra tools. This integration could have significant implications for…

  • Hacker News: MCP server for Ghidra

    by

    Kurt Seifried
    in

    Source URL: https://github.com/LaurieWired/GhidraMCP Source: Hacker News Title: MCP server for Ghidra Feedly Summary: Comments AI Summary and Description: Yes Summary: The text outlines the setup process for the ghidraMCP, a Model Context Protocol server designed to enhance large language models (LLMs) for application reverse engineering using Ghidra tools. This integration could have significant implications for…

  • Hacker News: Grease: An Open-Source Tool for Uncovering Hidden Vulnerabilities in Binary Code

    by

    Kurt Seifried
    in

    Source URL: https://www.galois.com/articles/introducing-grease Source: Hacker News Title: Grease: An Open-Source Tool for Uncovering Hidden Vulnerabilities in Binary Code Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses GREASE, an open-source tool designed for binary analysis through under-constrained symbolic execution, aimed at enhancing system security by identifying vulnerabilities in binary code. It highlights…

  • Cloud Blog: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/gostringungarbler-deobfuscating-strings-in-garbled-binaries/ Source: Cloud Blog Title: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries Feedly Summary: Written by: Chuong Dong Overview In our day-to-day work, the FLARE team often encounters malware written in Go that is protected using garble. While recent advancements in Go analysis from tools like IDA Pro have simplified the analysis process, garble…

  • Cloud Blog: Cloud CISO Perspectives: New AI, cybercrime reports underscore need for security best practices

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-new-ai-cybercrime-reports-underscore-need-security-best-practices/ Source: Cloud Blog Title: Cloud CISO Perspectives: New AI, cybercrime reports underscore need for security best practices Feedly Summary: Welcome to the first Cloud CISO Perspectives for February 2025. Stephanie Kiel, our head of cloud security policy, government affairs and public policy, discusses two parallel and important security conversations she had at…

  • Cloud Blog: Using capa Rules for Android Malware Detection

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/capa-rules-android-malware-detection/ Source: Cloud Blog Title: Using capa Rules for Android Malware Detection Feedly Summary: Mobile devices have become the go-to for daily tasks like online banking, healthcare management, and personal photo storage, making them prime targets for malicious actors seeking to exploit valuable information. Bad actors often turn to publishing and distributing malware…

  • Cloud Blog: ScatterBrain: Unmasking the Shadow of PoisonPlug’s Obfuscator

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/scatterbrain-unmasking-poisonplug-obfuscator/ Source: Cloud Blog Title: ScatterBrain: Unmasking the Shadow of PoisonPlug’s Obfuscator Feedly Summary: Written by: Nino Isakovic Introduction Since 2022, Google Threat Intelligence Group (GTIG) has been tracking multiple cyber espionage operations conducted by China-nexus actors utilizing POISONPLUG.SHADOW. These operations employ a custom obfuscating compiler that we refer to as “ScatterBrain," facilitating…

  • Cloud Blog: XRefer: The Gemini-Assisted Binary Navigator

    by

    system automation
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/xrefer-gemini-assisted-binary-navigator/ Source: Cloud Blog Title: XRefer: The Gemini-Assisted Binary Navigator Feedly Summary: Written by: Muhammad Umair Here at Mandiant FLARE, malware reverse engineering is a regular part of our day jobs. At times we are required to perform basic triages on binaries, where every hour saved is critical to incident response timelines. At…

  • Cloud Blog: LummaC2: Obfuscation Through Indirect Control Flow

    by

    system automation
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/lummac2-obfuscation-through-indirect-control-flow/ Source: Cloud Blog Title: LummaC2: Obfuscation Through Indirect Control Flow Feedly Summary: Written by: Nino Isakovic, Chuong Dong Overview This blog post delves into the analysis of a control flow obfuscation technique employed by recent LummaC2 (LUMMAC.V2) stealer samples. In addition to the traditional control flow flattening technique used in older versions, the…