A Realistic Look at Implications of ChatGPT for Cybercrime
TikTok is a National Security Risk, Not A Privacy One
Everything you need to know about the OpenSSL 3.0.7 Patch (CVE-2022-3602 & CVE-2022-3786)
Discussion thread: https://updatedsecurity.com/topic/9-openssl-vulnerability-cve-2022-3602-cve-2022-3786/
Vulnerability details from https://www.openssl.org/news/secadv/20221101.txt
X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602)
Severity: High
A buffer overrun can be triggered in X.509
The post Everything you need to know about the OpenSSL 3.0.7 Patch (CVE-2022-3602 & CVE-2022-3786) appeared first on MalwareTech.
[Video] Introduction to Use-After-Free Vulnerabilities | UserAfterFree Challenge Walkthrough (Part: 1)
An introduction to Use-After-Free exploitation and walking through one of my old challenges. Challenge Info: https://www.malwaretech.com/challenges/windows-exploitation/user-after-free-1-0 Download Link: https://malwaretech.com/downloads/challenges/UserAfterFree2.0.rar Password: MalwareTech
[Video] Exploiting Windows RPC – CVE-2022-26809 Explained | Patch Analysis
Walking through my process of how I use patch analysis and reverse engineering to find vulnerabilities, then evaluate the risk and exploitability of bugs.
An in-depth look at hacking back, active defense, and cyber letters of marque
There has been much discussion in cyber security about the possibility of enabling the private sector to engage in active cyber defense, or colloquially "hacking
How I Found My First Ever ZeroDay (In RDP)
Up until recently, I'd never tried the bug hunting part of vulnerability research. I've been reverse engineering Windows malware for over a decade, and I'd
BlueKeep: A Journey from DoS to RCE (CVE-2019-0708)
Due to the serious risk of a BlueKeep based worm, I've held back this write-up to avoid advancing the timeline. Now that a proof-of-concept for
DejaBlue: Analyzing a RDP Heap Overflow
In August 2019 Microsoft announced it had patched a collection of RDP bugs, two of which were wormable. The wormable bugs, CVE-2019-1181 & CVE-2019-1182 affect
YouTube's Policy on Hacking Tutorials is Problematic
Recently YouTube changed its policy on "hacking" tutorials to an essentially blanket ban. In the past, such content was occasionally removed under YouTube's broad "Harmful
Analysis of CVE-2019-0708 (BlueKeep)
I held back this write-up until a proof of concept (PoC) was publicly available, as not to cause any harm. Now that there are multiple
Analysis of a VB Script Heap Overflow (CVE-2019-0666)
Anyone who uses RegEx knows how easy it is to shoot yourself in the foot; but is it possible to write RegEx so badly that
Video: First Look at Ghidra (NSA Reverse Engineering Tool)
Today during RSA Conference, the National Security Agency released their much-hyped Ghidra reverse engineering toolkit. Described as "A software reverse engineering (SRE) suite of
Analyzing a Windows DHCP Server Bug (CVE-2019-0626)
Today I'll be doing an in-depth write-up on CVE-2019-0626, and how to find it. Due to the fact this bug only exists on Windows
Tracking the Hide and Seek Botnet
Hide and Seek (HNS) is a malicious worm which mainly infects Linux based IoT devices and routers. The malware spreads via bruteforcing SSH/Telnet credentials, as
Best Languages to Learn for Malware Analysis
One of the most common questions I'm asked is "what programming language(s) should I learn to get into malware analysis/reverse engineering". To answer this question I'm going to write about the top 3 languages which I've personally found most useful. I'll focus on native malware (malware which does not require …
Investigating Command and Control Infrastructure (Emotet)
Although the majority of botnets still use a basic client-server model, with most relying on HTTP servers to receive commands, many prominent threats now use more advanced infrastructure to evade endpoint blacklisting and be resilient to take-down. In this article I will go through and explain my process of identifying …