Tag: reverse-engineering
-
IoT Security Gaps Put Enterprises at Risk
by
in SecurityNewsDennis Giese on Reverse Engineering, Flawed Authentication, Poor Threat Modeling. IoT security flaws expose users and businesses to serious risks. Weak authentication methods allow attackers to manipulate devices, leading to data breaches and privacy violations. Reverse engineering highlights these weaknesses, said Dennis Giese, IoT security and privacy researcher. First seen on govinfosecurity.com Jump to article:…
-
11 hottest IT security certs for higher pay today
by
in SecurityNews
Tags: access, attack, automation, business, cloud, container, control, corporate, credentials, cyber, cybersecurity, data, defense, encryption, exploit, finance, fortinet, google, governance, incident response, infosec, intelligence, Internet, jobs, linux, malicious, malware, monitoring, network, penetration-testing, remote-code-execution, resilience, reverse-engineering, risk, risk-assessment, risk-management, skills, software, technology, threat, tool, training, vulnerability, windowsOffensive Security Certified Expert (OSCE): OffSec’s Offensive Security Certified Expert consists of three courses: Advanced Web Attacks and Exploitation, Advanced Evasion Techniques and Breaching Defenses, and Windows User Mode Exploit Development. The format for each course exam is the same: Candidates have 48 hours to compromise a given target using various techniques. No formal prerequisites exist for any of the…
-
DragonForce Ransomware – Reverse Engineering Report
by
in SecurityNewsFirst seen on resecurity.com Jump to article: www.resecurity.com/blog/article/dragonforce-ransomware-reverse-engineering-report
-
NSA Adds Innovative Features to Ghidra 11.3 Release
by
in SecurityNewsThe National Security Agency (NSA) has unveiled Ghidra 11.3, the latest iteration of its open-source software reverse engineering (SRE) framework, introducing transformative features that streamline vulnerability analysis and collaborative research. This release”, coded internally as >>NSA Adds Innovative Features to Ghidra 11.3 Release
-
Technical Analysis of Xloader Versions 6 and 7 – Part 2
by
in SecurityNews
Tags: cloud, communications, control, data, encryption, malware, network, reverse-engineering, threat, updateThis is Part 2 of our two-part technical analysis on Xloader versions 6 and 7. For details on how Xloader conceals its critical code and data, go to Part 1.IntroductionIn Part 2 of this blog series, we examine how Xloader obfuscates the command-and-control (C2) code and data to complicate analysis. We will also delve into…
-
Ghidra 11.3 Released A Major Update to NSA’s Open-Source Tool
by
in SecurityNews
Tags: cyber, cybersecurity, linux, macOS, open-source, reverse-engineering, software, tool, update, windowsThe National Security Agency (NSA) has officially released Ghidra 11.3, the latest iteration of its open-source software reverse engineering (SRE) framework. Known for its robust capabilities in analyzing compiled code across multiple platforms, including Windows, macOS, and Linux, this release introduces significant enhancements aimed at improving performance and usability for cybersecurity professionals. One of the…
-
Ghidra 11.3 released: New features, performance improvements, bug fixes
by
in SecurityNewsNSA’s Research Directorate released version 11.3 of Ghidra, an open-source software reverse engineering (SRE) framework. It offers advanced analysis tools, enabling users to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/07/ghidra-11-3-released-new-features-performance-improvements-bug-fixes/
-
Reverse engineering your test data: It’s not as safe as you think it is
by
in SecurityNewsNot all approaches to data de-identification and anonymization are created equal. Many approaches leave your data exposed to the very real risk of re-identification. Here’s how that can happen and how to avoid it. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/reverse-engineering-your-test-data-its-not-as-safe-as-you-think-it-is/
-
PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)
by
in SecurityNewsA security researcher, exploring reverse engineering and exploit development, has successfully identified a critical vulnerability in the TP-Link TL-WR940N router, specifically affecting hardware versions 3 and 4 with all firmware up to the latest version. This vulnerability, which has been documented as CVE-2024-54887, allows for potential arbitrary remote code execution (RCE) through stack buffer overflow…
-
DEF CON 32 Reverse Engineering And Hacking Ecovacs Robots
by
in SecurityNewsAuthors/Presenters: Dennis Giese, Braelynn Hacker Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/def-con-32-reverse-engineering-and-hacking-ecovacs-robots/
-
Genetic Engineering Meets Reverse Engineering: DNA Sequencer’s Vulnerable BIOS
by
in SecurityNewsEclypsium’s research team has identified BIOS/UEFI vulnerabilities in a popular DNA gene sequencer made by Illumina, a leading genomics and healthcare technology vendor. More specifically, we found that the Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM mode and without Secure Boot or standard firmware write protections. This would allow……
-
4 Wege zu neuer Cyberabwehrstärke
by
in SecurityNews
Tags: ai, antivirus, application-security, backdoor, cio, cloud, crypto, cyberattack, cybersecurity, data-breach, ddos, detection, hacker, iot, phishing, RedTeam, reverse-engineering, tool, vulnerabilityAnurag Goyal ist Head of Cybersecurity beim Plattformanbieter RedDoorz. Darüber hinaus hat er sich auch als Sicherheitsforscher und Ethical Hacker einen Namen gemacht. Anurag Goyal 3. Red Teaming Red Teaming stellt einen dynamischen und umfassenden Ansatz dar, um die Cyberresilienz von Organisationen zu bewerten und zu optimieren. Dabei simulieren Security-Profis ausgeklügelte Cyberattacken und ahmen dazu…
-
AMD data center chips vulnerable to revealing data through ‘BadRAM’ attack
by
in SecurityNews
Tags: access, advisory, attack, best-practice, cloud, cve, data, encryption, exploit, finance, firmware, flaw, germany, Hardware, mitigation, monitoring, reverse-engineering, software, update, vulnerabilityAMD’s Secure Encrypted Virtualization (SEV), meant to protect processor memory from prying eyes in virtual machine (VM) environments, can be tricked into giving access to its encrypted memory contents using a test rig costing less than $10, researchers have revealed.Dubbed “BadRAM” by researchers from the University of Lübeck in Germany, KU Leven in Belgium, and…
-
Researchers Released hrtng IDA Pro Plugin for Malware Analyst to Make Reverse Engineering Easy
by
in SecurityNewsThe Global Research and Analysis Team (GReAT) has announced the release of hrtng, a cutting-edge plugin for IDA Pro, one of the most prominent tools for reverse engineering. Designed specifically to enhance the efficiency of malware analysis, hrtng provides analysts with powerful features that automate and simplify the otherwise intricate tasks involved in dissecting malicious binaries. The…
-
Sixgen’s Kyrus Acquisition Boosts National Cybersecurity
by
in SecurityNewsBuy of Washington D.C.-Area Firm Adds Reverse Engineering, Data Analytics Expertise. Sixgen will enhance its cybersecurity operations through the purchase of Washington D.C.-area Kyrus. The move introduces reverse engineering and analytics expertise to Sixgen’s portfolio, aligning with its mission to protect critical infrastructure and bolster American cyber defense capabilities. First seen on govinfosecurity.com Jump to…
-
17 hottest IT security certs for higher pay today
by
in SecurityNews
Tags: access, ai, attack, automation, blockchain, business, ceo, cisa, ciso, cloud, communications, conference, container, control, credentials, cryptography, cyber, cybersecurity, data, defense, detection, encryption, exploit, finance, fortinet, google, governance, group, guide, hacker, incident response, infosec, infrastructure, intelligence, Internet, jobs, monitoring, network, penetration-testing, privacy, reverse-engineering, risk, risk-management, skills, software, technology, threat, tool, training, windowsWith the New Year on the horizon, many IT professionals may be looking to improve their careers in 2025 but need direction on the best way. The latest data from Foote Partners may provide helpful signposts.Analyzing more than 638 certifications as part of its 3Q 2024 “IT Skills Demand and Pay Trends Report,” Foote Partners…
-
iOS 18 added secret and smart security feature that reboots iThings after three days
by
in SecurityNews
Tags: reverse-engineeringSecurity researcher’s reverse engineering effort reveals undocumented reboot timer that will make life harder for attackers First seen on theregister.com Jump to article: www.theregister.com/2024/11/19/ios_18_secret_reboot/
-
DEF CON 32 Reverse Engineering MicroPython Frozen Modules
by
in SecurityNewsAuthors/Presenters: Wesley McGrew Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/def-con-32-reverse-engineering-micropython-frozen-modules/
-
x64dbg: Open-source binary debugger for Windows
by
in SecurityNewsx64dbg is an open-source binary debugger for Windows, designed for malware analysis and reverse engineering of executables without access to the sourc… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/19/x64dbg-open-source-binary-debugger-windows/
-
Reverse engineering eBPF programs
by
in SecurityNews
Tags: reverse-engineeringFirst seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/reverse-engineering-ebpf-programs/
-
USENIX Security ’23 AIFORE: Smart Fuzzing Based on Automatic Input Format Reverse Engineering
by
in SecurityNews
Tags: reverse-engineeringAuthors/Presenters:Ji Shi, Zhun Wang, Zhiyao Feng, Yang Lan, Shisong Qin, Wei You, Wei Zou, Mathias Payer, Chao Zhang Many thanks to Presenter… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/usenix-security-23-aifore-smart-fuzzing-based-on-automatic-input-format-reverse-engineering/
-
Ghidra: Open-source software reverse engineering framework
by
in SecurityNewsGhidra, a cutting-edge open-source software reverse engineering (SRE) framework, is a product of the National Security Agency (NSA) Research Directora… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/17/ghidra-nsa-open-source-software-reverse-engineering-framework/
-
Radare: Open-source reverse engineering framework
by
in SecurityNewsRadare is an open-source UNIX-like reverse engineering framework and command-line toolset. It can be scripted, modified, and used for batch analysis. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/10/radare-open-source-reverse-engineering-framework/
-
Hackers Leverage AI as Application Security Threats Mount
by
in SecurityNewsReverse-engineering tools, rising jailbreaking activities, and the surging use of AI and ML to enhance malware development were among the worrying tre… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/hackers-leverage-ai-as-application-security-threats-mount/
-
Reverse Engineering Electron Apps to Discover APIs
by
in SecurityNewsLearn how to reverse engineer an Electron app to find artifacts like source code and API endpoints, and capture live traffic with Burp Suite. The post… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/reverse-engineering-electron-apps-to-discover-apis/
-
[Video] Practical Exploitation of Embedded Systems
by
in SecurityNewsPRESENTATION ABSTRACT: For the 10th anniversary of HITB we keep it old school with an in-depth exploration of the reverse engineering and exploitation… First seen on http: Jump to article: feedproxy.google.com/~r/SecurityTube/~3/fTY9fOE2J-0/6320
-
[Video] REVERSE ENGINEERING A MASS TRANSIT TICKETING SYSTEM
by
in SecurityNewsThis talk will look at different techniques used in black-box reverse engineering of data storage formats, focusing on a case study of an outdated mas… First seen on http: Jump to article: feedproxy.google.com/~r/SecurityTube/~3/awRyxAufxDQ/6202
-
[Video] SkyDogCon 2012 – RE, CND, Geopolitics, Oh My!
by
in SecurityNewsThis session will delve into reverse engineering on a highly publicized piece of malware. A VMware image or ISO image will be made available to the at… First seen on http: Jump to article: feedproxy.google.com/~r/SecurityTube/~3/JsRYZLrk_Ok/6151
-
[Video] Re-Engineering Android Applications
by
in SecurityNewsThis video is all about how Attacker making changes in Android app using Reverse-Engineering for insert additional functionality, and recompiling, but… First seen on http: Jump to article: feedproxy.google.com/~r/SecurityTube/~3/oaw85kNV49I/6057