analysis
-
I’ve noticed VMware is the best supported, best documented and most straightforward option out there from a cursory glance and quite a bit of diving into various forums and readily available resources. Many of the VirtualBox equivalents are either extremely outdated, unsupported or not focused enough on covering various vectors of VM detection by malware.…
-
ePrint Report: “These results must be false”: A usability evaluation of constant-time analysis tools. Marcel Fourné, Daniel De Almeida Braga, Jan Jancar, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, Yasemin Acar. Cryptography secures our online interactions, transactions, and trust. To achieve this goal, not only do the cryptographic primitives and protocols need to be…
-
Azure’s growing adoption among companies leveraging cloud platforms highlights the increasing need for effective cloud resource management. With a wide range of services, including virtual machines, Kubernetes clusters, and serverless computing, Azure requires advanced management strategies to ensure optimal performance, enhanced security, and cost efficiency. Enterprises must focus on resource provisioning, automation, and monitoring to optimize…
-
Introduction: In October 2024, Zscaler ThreatLabz came across malware samples that use a network communication protocol that is similar to RisePro. However, unlike RisePro, which has primarily been used for information stealing, this new malware specializes in downloading and executing second-stage payloads. Due to its distinctive focus and similarities with RisePro’s communication protocol, we named this new…
-
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
-
AhnLab SEcurity intelligence Center (ASEC) has recently identified that the TIDRONE threat actor is launching attacks against companies. In the attack cases, Enterprise Resource Planning (ERP) software was exploited to install a backdoor malware called CLNTEND.
-
Madhurima Das, Bodhisatwa Mazumdar. ePrint Report. This work investigates persistent fault analysis on the ASCON cipher, which has recently been standardized by NIST USA for lightweight cryptography applications. In a persistent fault, the fault, once injected through RowHammer injection techniques, exists in the system during the entire encryption phase. In this work, we propose a model to…
-
Seyoung Yoon, Myungseo Park, Kyungbae Jang, Hwajeong Seo. ePrint Report. As smartphone usage continues to grow, the demand for note-taking applications, including memo and diary apps, is rapidly increasing. These applications often contain sensitive information such as user schedules, thoughts, and activities, making them key targets for analysis in digital forensics. Each year, new note-taking…
-
Improved Analysis Algorithm: This is a massive upgrade to BloodHound Enterprise’s risk analysis capability with a new algorithm we call “Butterfly”:
-
Yujin Oh, Kyungbae Jang, Hwajeong Seo. ePrint Report. As advancements in quantum computing present potential threats to current cryptographic systems, it is necessary to reconsider and adapt existing cryptographic frameworks. Among these, Grover’s algorithm reduces the attack complexity of symmetric-key encryption, making it crucial to evaluate the security strength of traditional symmetric-key systems. In this…
-
The Data Retention Challenge: One of the most significant challenges under NIS2 is the responsibility to retain log and telemetry data for extended periods, ensuring root cause investigations can be performed following cybersecurity incidents.
-
FuzzDistill: Intelligent Fuzzing Target Selection using Compile-Time Analysis and Machine Learning
-
| Tag | CVE Count | CVEs |
| --- | --- | --- |
| System Center Operations Manager | 1 | CVE-2024-43594 |
| Microsoft Defender for Endpoint | 1 | CVE-2024-49057 |
| Microsoft Office | 2 | CVE-2024-49059, CVE-2024-43600 |
| Microsoft Office SharePoint | 4 | CVE-2024-49064, CVE-2024-49068, CVE-2024-49070, CVE-2024-49062 |
| Microsoft Office Excel | 1 | CVE-2024-49069 |
| Windows Mobile Broadband | 7 | CVE-2024-49073, CVE-2024-49087, CVE-2024-49092, CVE-2024-49077, CVE-2024-49078, CVE-2024-49083, CVE-2024-49110 |
| Windows Kernel-Mode Drivers | 1 | CVE-2024-49074 |
| Windows Kernel | 1 | CVE-2024-49084 |

Windows…
-
Open source software security and dependency management have never been more critical, as organizations strive to protect their software supply chains while navigating increasing complexity and risks.
-
Summary: Our 2024 Dray:Break report revealed 14 new vulnerabilities in DrayTek devices. See our upcoming presentation at Black Hat Europe for more details. PRODAFT shared threat intelligence from 2023 on a ransomware campaign exploiting DrayTek devices. This is the first time this campaign is discussed publicly. Our analysis shows sophisticated attack workflows to deploy ransomware…
-
A Differentially Private Kaplan-Meier Estimator for Privacy-Preserving Survival Analysis, by Narasimha Raghavan Veeraragavan and 1 other author. Submitted on 6 Dec 2024.
-
Sherlock Scenario: StoreD Technologies’ customer support team operates tirelessly around the clock in 24/7 shifts to meet customer needs. During the Diwali season, employees have been receiving genuine discount coupons as part of the celebrations. However, this also presented an opportunity for a threat actor to…
-
MalBot, December 7, 2024, 7:11am. Introduction to Malware Binary Triage (IMBT) Course: Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor of the Malware Binary Triage (IMBT) course starting this Black Friday and Cyber Monday!
-
Thanks to Brad Duncan for sharing this pcap from 2024-12-04 on his malware traffic analysis site! Due to issues with Google flagging a warning for the site, we’re not including the actual hyperlink but it should be easy to find.