Experimental News Clipping Site

Tag: reverse engineering

  • Cloud Blog: XRefer: The Gemini-Assisted Binary Navigator

    by

    system automation
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/xrefer-gemini-assisted-binary-navigator/ Source: Cloud Blog Title: XRefer: The Gemini-Assisted Binary Navigator Feedly Summary: Written by: Muhammad Umair Here at Mandiant FLARE, malware reverse engineering is a regular part of our day jobs. At times we are required to perform basic triages on binaries, where every hour saved is critical to incident response timelines. At…

  • Hacker News: LLVM-Powered Devirtualization

    by

    system automation
    in

    Source URL: https://blog.thalium.re/posts/llvm-powered-devirtualization/ Source: Hacker News Title: LLVM-Powered Devirtualization Feedly Summary: Comments AI Summary and Description: Yes Summary: The text elaborates on the techniques and methodologies for deobfuscating virtualized binaries, primarily utilizing dynamic taint analysis and LLVM optimization strategies. This study showcases new approaches to reverse engineering obfuscated binaries, which is critical in the context…

  • Cloud Blog: Cloud CISO Perspectives: Ending ransomware starts with more reporting

    by

    system automation
    in

    Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-ransomware-cyber-insurance-reporting/ Source: Cloud Blog Title: Cloud CISO Perspectives: Ending ransomware starts with more reporting Feedly Summary: Welcome to the second Cloud CISO Perspectives for November 2024. Today, Monica Shokrai, head of business risk and insurance, Google Cloud, and Kimberly Goody, cybercrime analysis lead, Google Threat Intelligence Group, explore the role cyber-insurance can play…

  • Cisco Talos Blog: Finding vulnerabilities in ClipSp, the driver at the core of Windows’ Client License Platform

    by

    system automation
    in

    Source URL: https://blog.talosintelligence.com/finding-vulnerabilities-in-clipsp-the-driver-at-the-core-of-windows-client-license-platform/ Source: Cisco Talos Blog Title: Finding vulnerabilities in ClipSp, the driver at the core of Windows’ Client License Platform Feedly Summary: By Philippe LaulheretClipSP (clipsp.sys) is a Windows driver used to implement client licensing and system policies on Windows 10 and 11 systems.Cisco Talos researchers have discovered eight vulnerabilities related to clipsp.sys…

  • The Register: iOS 18 added secret and smart security feature that reboots iThings after three days

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/19/ios_18_secret_reboot/ Source: The Register Title: iOS 18 added secret and smart security feature that reboots iThings after three days Feedly Summary: Security researcher’s reverse engineering effort reveals undocumented reboot timer that will make life harder for attackers Apple’s latest mobile operating system, iOS 18, appears to have added an undocumented security feature that…

  • Hacker News: Reverse Engineering iOS 18 Inactivity Reboot

    by

    system automation
    in

    Source URL: https://naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.html Source: Hacker News Title: Reverse Engineering iOS 18 Inactivity Reboot Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the new inactivity reboot feature in iOS 18, which adds a significant layer of security by forcing a device reboot after three days of inactivity. This feature aims to protect…

  • Hacker News: The performance of hashing for similar function detection

    by

    system automation
    in

    Source URL: https://edmcman.github.io/blog/2024-01-11–fuzzy-hashing-for-code-comparisons/ Source: Hacker News Title: The performance of hashing for similar function detection Feedly Summary: Comments AI Summary and Description: Yes Summary: The text delves deeply into malware reverse engineering and explores advanced hashing techniques like PIC hashing and fuzzy hashing. It highlights the significant challenges faced in identifying equivalent functions across different…

  • CSA: Is AI a Data Security Compliance Challenge?

    by

    system automation
    in

    Source URL: https://cloudsecurityalliance.org/articles/ai-and-data-protection-strategies-for-llm-compliance-and-risk-mitigation Source: CSA Title: Is AI a Data Security Compliance Challenge? Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the critical intersection of AI technology, particularly large language models (LLMs), with data security and compliance challenges. It emphasizes the necessity for organizations to adapt to evolving regulations like GDPR and…

  • Cloud Blog: capa Explorer Web: A Web-Based Tool for Program Capability Analysis

    by

    system automation
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/capa-explorer-web-program-capability-analysis/ Source: Cloud Blog Title: capa Explorer Web: A Web-Based Tool for Program Capability Analysis Feedly Summary: Written by: Soufiane Fariss, Willi Ballenthin, Mike Hunhoff, Genwei Jiang, Tina Johnson, Moritz Raabe capa, developed by Mandiant’s FLARE team, is a reverse engineering tool that automates the identification of program capabilities. In this blog post…

  • Cloud Blog: LummaC2: Obfuscation Through Indirect Control Flow

    by

    system automation
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/lummac2-obfuscation-through-indirect-control-flow/ Source: Cloud Blog Title: LummaC2: Obfuscation Through Indirect Control Flow Feedly Summary: Written by: Nino Isakovic, Chuong Dong Overview This blog post delves into the analysis of a control flow obfuscation technique employed by recent LummaC2 (LUMMAC.V2) stealer samples. In addition to the traditional control flow flattening technique used in older versions, the…