Experimental News Clipping Site

Tag: static analysis

  • Hacker News: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/gostringungarbler-deobfuscating-strings-in-garbled-binaries Source: Hacker News Title: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries Feedly Summary: Comments AI Summary and Description: Yes Summary: This text details the challenges associated with analyzing malware written in Go that utilizes the garble obfuscator, focusing on the introduction of the GoStringUngarbler tool, which automates the deobfuscation process of string literals.…

  • Cloud Blog: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/gostringungarbler-deobfuscating-strings-in-garbled-binaries/ Source: Cloud Blog Title: GoStringUngarbler: Deobfuscating Strings in Garbled Binaries Feedly Summary: Written by: Chuong Dong Overview In our day-to-day work, the FLARE team often encounters malware written in Go that is protected using garble. While recent advancements in Go analysis from tools like IDA Pro have simplified the analysis process, garble…

  • Unit 42: Uncovering .NET Malware Obfuscated by Encryption and Virtualization

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/?p=138493 Source: Unit 42 Title: Uncovering .NET Malware Obfuscated by Encryption and Virtualization Feedly Summary: Malware authors use AES encryption and code virtualization to evade sandbox static analysis. We explore how this facilitates spread of Agent Tesla, XWorm and more. The post Uncovering .NET Malware Obfuscated by Encryption and Virtualization appeared first on…

  • Hacker News: Show HN: Globstar – Open-source static analysis toolkit

    by

    Kurt Seifried
    in

    Source URL: https://news.ycombinator.com/item?id=43207942 Source: Hacker News Title: Show HN: Globstar – Open-source static analysis toolkit Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the launch of Globstar, a new open-source static analysis toolkit from DeepSource, which enables developers to create custom code quality and security checks using YAML or Go. The…

  • Hacker News: Show HN: Letting LLMs Run a Debugger

    by

    Kurt Seifried
    in

    Source URL: https://github.com/mohsen1/llm-debugger-vscode-extension Source: Hacker News Title: Show HN: Letting LLMs Run a Debugger Feedly Summary: Comments AI Summary and Description: Yes **Summary:** LLM Debugger is a VSCode extension that showcases an innovative use of large language models (LLMs) for active runtime debugging of programs, moving beyond traditional static analysis. By integrating real-time data related…

  • The Register: The Feds want developers to stop coding ‘unforgivable’ buffer overflow vulns

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/02/13/fbi_cisa_unforgivable_buffer_overflow/ Source: The Register Title: The Feds want developers to stop coding ‘unforgivable’ buffer overflow vulns Feedly Summary: FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff US authorities have labelled buffer overflow vulnerabilities “unforgivable defects”, pointed to the presence of the holes in…

  • Hacker News: Fake VS Code Extension on NPM Spreads Multi-Stage Malware

    by

    Kurt Seifried
    in

    Source URL: https://www.mend.io/blog/fake-vs-code-extension-on-npm-spreads-multi-stage-malware/ Source: Hacker News Title: Fake VS Code Extension on NPM Spreads Multi-Stage Malware Feedly Summary: Comments AI Summary and Description: Yes Summary: The text reports on a recent discovery of a malicious VS-code extension that employs typosquatting tactics to deliver multi-stage malware to unsuspecting developers. The incident highlights critical security vulnerabilities in…

  • Cloud Blog: Using capa Rules for Android Malware Detection

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/capa-rules-android-malware-detection/ Source: Cloud Blog Title: Using capa Rules for Android Malware Detection Feedly Summary: Mobile devices have become the go-to for daily tasks like online banking, healthcare management, and personal photo storage, making them prime targets for malicious actors seeking to exploit valuable information. Bad actors often turn to publishing and distributing malware…

  • Anchore: How Syft Scans Software to Generate SBOMs

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/blog/how-syft-scans-software-to-generate-sboms/ Source: Anchore Title: How Syft Scans Software to Generate SBOMs Feedly Summary: Syft is an open source CLI tool and Go library that generates a Software Bill of Materials (SBOM) from source code, container images and packaged binaries. It is a foundational building block for various use-cases: from vulnerability scanning with tools…

  • AWS Open Source Blog: Improving API performance at Sonar with Lambda SnapStart and Micronaut

    by

    Kurt Seifried
    in

    Source URL: https://aws.amazon.com/blogs/opensource/improving-api-performance-at-sonar-with-lambda-snapstart-and-micronaut/ Source: AWS Open Source Blog Title: Improving API performance at Sonar with Lambda SnapStart and Micronaut Feedly Summary: SonarQube Cloud is a software as a service (SaaS) solution developed by Sonar that provides a comprehensive code analysis platform. It uses advanced static analysis techniques to automatically find and fix code quality issues,…