Tag: static analysis

  • The Register: Malware in Lisp? Now you’re just being cruel

    Source URL: https://www.theregister.com/2025/03/29/malware_obscure_languages/ Source: The Register Title: Malware in Lisp? Now you’re just being cruel Feedly Summary: Miscreants warming to Delphi, Haskell, and the like to evade detection Malware authors looking to evade analysis are turning to less popular programming languages like Delphi or Haskell.… AI Summary and Description: Yes Summary: The text discusses a…

  • Hacker News: Show HN: Nuanced – Help AI understand code structure, not just text

    Source URL: https://www.nuanced.dev/blog/initial-launch Source: Hacker News Title: Show HN: Nuanced – Help AI understand code structure, not just text Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text introduces Nuanced, an open-source Python library designed to enhance the capabilities of AI coding assistants by providing a structured representation of code dependencies through call…

  • Microsoft Security Blog: New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/11/new-xcsset-malware-adds-new-obfuscation-persistence-techniques-to-infect-xcode-projects/ Source: Microsoft Security Blog Title: New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects Feedly Summary: Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild. Its first known variant since 2022, this latest XCSSET malware features…

  • Threat Research Archives – Unit 42: Uncovering .NET Malware Obfuscated by Encryption and Virtualization

    Source URL: https://unit42.paloaltonetworks.com/malware-obfuscation-techniques/ Source: Threat Research Archives – Unit 42 Title: Uncovering .NET Malware Obfuscated by Encryption and Virtualization Feedly Summary: AI Summary and Description: Yes **Summary:** This article provides a detailed examination of sophisticated obfuscation techniques utilized by various malware families, specifically focusing on how these methods enhance the ability of malware to evade…

  • Hacker News: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/gostringungarbler-deobfuscating-strings-in-garbled-binaries Source: Hacker News Title: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries Feedly Summary: Comments AI Summary and Description: Yes Summary: This text details the challenges associated with analyzing malware written in Go that utilizes the garble obfuscator, focusing on the introduction of the GoStringUngarbler tool, which automates the deobfuscation process of string literals.…

  • Cloud Blog: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/gostringungarbler-deobfuscating-strings-in-garbled-binaries/ Source: Cloud Blog Title: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries Feedly Summary: Written by: Chuong Dong Overview In our day-to-day work, the FLARE team often encounters malware written in Go that is protected using garble. While recent advancements in Go analysis from tools like IDA Pro have simplified the analysis process, garble…

  • Unit 42: Uncovering .NET Malware Obfuscated by Encryption and Virtualization

    Source URL: https://unit42.paloaltonetworks.com/?p=138493 Source: Unit 42 Title: Uncovering .NET Malware Obfuscated by Encryption and Virtualization Feedly Summary: Malware authors use AES encryption and code virtualization to evade sandbox static analysis. We explore how this facilitates spread of Agent Tesla, XWorm and more. The post Uncovering .NET Malware Obfuscated by Encryption and Virtualization appeared first on…

  • Hacker News: Show HN: Globstar – Open-source static analysis toolkit

    Source URL: https://news.ycombinator.com/item?id=43207942 Source: Hacker News Title: Show HN: Globstar – Open-source static analysis toolkit Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the launch of Globstar, a new open-source static analysis toolkit from DeepSource, which enables developers to create custom code quality and security checks using YAML or Go. The…

  • Hacker News: Show HN: Letting LLMs Run a Debugger

    Source URL: https://github.com/mohsen1/llm-debugger-vscode-extension Source: Hacker News Title: Show HN: Letting LLMs Run a Debugger Feedly Summary: Comments AI Summary and Description: Yes **Summary:** LLM Debugger is a VSCode extension that showcases an innovative use of large language models (LLMs) for active runtime debugging of programs, moving beyond traditional static analysis. By integrating real-time data related…

  • The Register: The Feds want developers to stop coding ‘unforgivable’ buffer overflow vulns

    Source URL: https://www.theregister.com/2025/02/13/fbi_cisa_unforgivable_buffer_overflow/ Source: The Register Title: The Feds want developers to stop coding ‘unforgivable’ buffer overflow vulns Feedly Summary: FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff US authorities have labelled buffer overflow vulnerabilities “unforgivable defects”, pointed to the presence of the holes in…