example…
-
arXiv:2503.09735v1 Announce Type: new Abstract: Adversarial examples are a major problem for machine learning models, leading to a continuous search for effective defenses. One promising direction is to leverage model explanations to better understand and defend against these attacks. We looked at AmI, a method proposed by a NeurIPS 2018 spotlight paper that uses model…
-
Understanding the past usefulness and current risks of the xmlrpc.php file, as well as best practices for securing your website. The xmlrpc.php file is a historical component of WordPress. Although it was essential a few years ago, its usefulness has greatly diminished as the platform has evolved. This file is now often perceived as a…
-
﷽ Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor of the Malware Binary Triage (IMBT) course starting this Black Friday and Cyber Monday! Enroll Now and Save 10%: Coupon Code MWNEWS10 Note: This is an affiliate link – your enrollment…
-
﷽ Hello, cybersecurity enthusiasts and white hackers! The number of known injection techniques on Windows machines is huge, for example: first, second or third examples from my blog. Today, I’ll guide you through an awesome Linux injection technique using the ptrace system call. Think of ptrace as your personal key to inspecting, modifying, and even…
-
﷽ Hello, cybersecurity enthusiasts and white hackers! After my presentation and workshop at a conference in Luxembourg where I touched on the abuse of cryptographic functions in the internal structure of Windows OS, many colleagues and readers increasingly have questions about the use of cryptography in protecting malware during its development. This post is the…
-
When PJ Hemmaway joined the University of Manchester as CIO in 2022, the organization began an overhaul of its IT and cybersecurity capabilities to contend with the growing array of threats faced by higher education institutions.
-
/*
 * hack.c
 * Lucifer payload encryption/decryption
 * author: @cocomelonc
 * https://cocomelonc.github.io/malware/2024/10/20/malware-cryptography-33.html
 */
#include <stdio.h>
#include <stdbool.h>
#include <string.h>
#include <windows.h>
#define block_size 16 // 128 bit
#define key_size 16 // 128 bit
static const unsigned char s0[16] = {0x0C, 0x0F, 0x07, 0x0A, 0x0E, 0x0D, 0x0B, 0x00, 0x02, 0x06, 0x03, 0x01, 0x09, 0x04, 0x05, 0x08};
static const…
-
How to be CRA compliant AND make your critical infrastructure clients happy
-
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
-
﷽ Hello, cybersecurity enthusiasts and white hackers! In one of my first posts back in 2022, I wrote about a terminology called Shannon’s entropy and in most of the posts on my blog I drew attention to this concept in malware research and analysis. Recently one of my readers asked an interesting question, of course…
-
﷽ Hello, cybersecurity enthusiasts and white hackers! I promised to shed light on programming rootkits and other interesting and evil things when programming malware for Linux, but before we start, let’s try to do simple things. Some of my readers have no idea how to do, for example, code injections into Linux processes. Those who…
-
﷽ Hello, cybersecurity enthusiasts and white hackers! This post is the result of my own research on using FEAL-8 block cipher on malware development. As usual, exploring various crypto algorithms, I decided to check what would happen if we apply this to encrypt/decrypt the payload. FEAL Akihiro Shimizu and Shoji Miyaguchi from NTT Japan developed…
-
On the digital journey: It never stops. It has many chapters, and many starts, stops, and restarts. But what I’m proud of over the years is there’s a few key initiatives that come to mind on cloud adoption and being a cloud-first capability. One of the proudest moments, now that we have it up and…
-
Biometrics rollouts at airports supplied several of the most popular articles of the week on Biometric Update, along with multi-modal biometric systems for government programs. Idemia features in two airport projects, one going through a contract dispute and another innovating immigration clearance, and Goode Intelligence sees massive growth ahead in travel digital identities. Idemia has…
-
/*
 * hack3.c
 * encrypt/decrypt payload
 * via CAST-128 algorithm
 * author: @cocomelonc
 * https://cocomelonc.github.io/malware/2024/07/29/malware-cryptography-31.html
 */
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <stdlib.h>
#include <windows.h>
#include <winternl.h>
#include <shlwapi.h>
#include <string.h>
#define BLOCK_SIZE 8
#define ROUNDS 16
#define KEY_SIZE 16
int cmpUnicodeStr(WCHAR substr, WCHAR mystr) {
  _wcslwr_s(substr, MAX_PATH);
  _wcslwr_s(mystr, MAX_PATH);
  int result = 0;
  if (StrStrW(mystr, substr) != NULL)…
-
/*
 * hack.c
 * encrypt/decrypt payload
 * via Khufu algorithm
 * author: @cocomelonc
 * https://cocomelonc.github.io/malware/2024/07/21/malware-cryptography-30.html
 */
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <stdlib.h>
#include <windows.h>
#define ROUNDS 16
#define BLOCK_SIZE 8
#define KEY_SIZE 64