obfuscation – Page 2 – Experimental News Clipping Site

Threat Research Archives – Unit 42: Uncovering .NET Malware Obfuscated by Encryption and Virtualization

Mar 10, 2025

—

by

Source URL: https://unit42.paloaltonetworks.com/malware-obfuscation-techniques/ Source: Threat Research Archives – Unit 42 Title: Uncovering .NET Malware Obfuscated by Encryption and Virtualization Feedly Summary: AI Summary and Description: Yes **Summary:** This article provides a detailed examination of sophisticated obfuscation techniques utilized by various malware families, specifically focusing on how these methods enhance the ability of malware to evade…

Hacker News: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries

Mar 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/gostringungarbler-deobfuscating-strings-in-garbled-binaries Source: Hacker News Title: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries Feedly Summary: Comments AI Summary and Description: Yes Summary: This text details the challenges associated with analyzing malware written in Go that utilizes the garble obfuscator, focusing on the introduction of the GoStringUngarbler tool, which automates the deobfuscation process of string literals.…

Cloud Blog: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries

Mar 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/gostringungarbler-deobfuscating-strings-in-garbled-binaries/ Source: Cloud Blog Title: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries Feedly Summary: Written by: Chuong Dong Overview In our day-to-day work, the FLARE team often encounters malware written in Go that is protected using garble. While recent advancements in Go analysis from tools like IDA Pro have simplified the analysis process, garble…

Unit 42: Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems

Mar 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138517 Source: Unit 42 Title: Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems Feedly Summary: A topological analysis and case studies add nuance to a study of malicious traffic distribution systems. We compare their use by attackers to benign systems. The post Beneath the Surface: Detecting and Blocking Hidden Malicious…

Unit 42: Uncovering .NET Malware Obfuscated by Encryption and Virtualization

Mar 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138493 Source: Unit 42 Title: Uncovering .NET Malware Obfuscated by Encryption and Virtualization Feedly Summary: Malware authors use AES encryption and code virtualization to evade sandbox static analysis. We explore how this facilitates spread of Agent Tesla, XWorm and more. The post Uncovering .NET Malware Obfuscated by Encryption and Virtualization appeared first on…

Hacker News: I found 1000 GitHub repos with malware. Can we get them deleted?

Feb 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://timsh.org/github-scam-investigation-thousands-of-mods-and-cracks-stealing-your-data/ Source: Hacker News Title: I found 1000 GitHub repos with malware. Can we get them deleted? Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides an alarming insight into the prevalence of malicious GitHub repositories that are used to distribute malware, specifically a variant known as Redox stealer. By…

Unit 42: Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations

Feb 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138415 Source: Unit 42 Title: Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations Feedly Summary: We analyze the backdoor Squidoor, used by a suspected Chinese threat actor to steal sensitive information. This multi-platform backdoor is built for stealth. The post Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations appeared first on…

The Register: North Korea targets crypto developers via NPM supply chain attack

Feb 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/02/13/north_korea_npm_crypto/ Source: The Register Title: North Korea targets crypto developers via NPM supply chain attack Feedly Summary: Yet another cash grab from Kim’s cronies and an intel update from Microsoft North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.… AI Summary and…

Bulletins: Vulnerability Summary for the Week of February 3, 2025

Feb 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-041 Source: Bulletins Title: Vulnerability Summary for the Week of February 3, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info .TUBE gTLD–.TUBE Video Curator Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in .TUBE gTLD .TUBE Video Curator allows Reflected XSS. This issue affects…

The GenAI Bug Bounty Program | 0din.ai: The GenAI Bug Bounty Program

Feb 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://0din.ai/blog/odin-secures-the-future-of-ai-shopping Source: The GenAI Bug Bounty Program | 0din.ai Title: The GenAI Bug Bounty Program Feedly Summary: AI Summary and Description: Yes Summary: This text delves into a critical vulnerability uncovered in Amazon’s AI assistant, Rufus, focusing on how ASCII encoding allowed malicious requests to bypass existing guardrails. It emphasizes the need for…

Tag: obfuscation