Phylax Systems的动态

?? In a recent enlightening post by Marcus Hutchins, which mentioned?'stackstrings' a clever technique employed by malware to evade detection by hiding text strings from static analysis tools. Building on that discussion, I'd like to introduce two additional, yet simple and elegant techniques to achieve the same thing, As you can see in the picture, the 'T' has the handle for 'kernel32.dll' using the three methods. Regarding the location of the string, all of them reside on the stack. Just take a look at the addresses of those variables for a clearer understanding. link to the post by Marcus: https://lnkd.in/eAB4Jy_W ????????: check this => https://lnkd.in/ewuQRvNW

Chainguard's response to CVE-2024-3094, aka the backdoor in xz library: https://lnkd.in/e3-drGxv TLDR: If you use Chainguard Images, our minimal images do not include?SSH?or?liblzma?by default, thus protecting our users and customers from upstream attack vectors if our solutions were to be targeted. Chainguard’s approach to rapid updates also plays an important factor in our vulnerability response time. Within a few hours, we were able to identify use of the affected?liblzma?package in Images, withdraw it from our environments and rebuild Images with the unaffected versions to protect our users and customers.

I just published Nuclei: The Ultimate Guide to Fast and Customizable Vulnerability Scanning https://lnkd.in/dRBDmt5d

There is funding widely available for: - Adding more features, call now! - Finding and fixing security holes, find your bounty! There is insufficient or NULL funding for: - Long term maintenance. - Triaging , Reproducing, Isolating bugs. - Removing features or protocols that are obsolete or dangerous - Gracefully retiring components that are no longer actively developed, yet in widespread use.

AI is an evolving landscape with its implications for data security. Rob Juncker, SVP of Product & Engineering at Mimecast, explores the challenges and opportunities in managing AI-generated content and IP protection. Dive into the discussion for insights on staying secure in 2025 and beyond.

As in the early days of open source, fear of vulnerabilities and risk is slowing the adoption of AI-generated code and preventing organizations from realizing its full potential. ?? Learn more about securing AI-generated code with the help from Synopsys?? : https://bit.ly/3wESnZ0

Needing an explanation of the "SlashandGrab" Screenconnect vulnerability so simple that even your grandma can understand? https://lnkd.in/gviGUZcK

Explore the Penpie Hack Analysis! Learn how a reentrancy vulnerability led to a $27M loss. Uncover the details of the exploit and discover key strategies to protect your protocols. Read more on our blog: https://lnkd.in/dS3rzc98

?? New Lab Announcement: Developer Mistake or Insider Risk ?? Link: https://lnkd.in/d7wwtv4a I'm excited to announce the launch of our latest hands-on lab! ???? In this lab, you will dive deep into how attackers exploit seemingly legitimate scripts to create backdoors, leading to full system compromise. You'll explore how to: ?? Investigate attacker techniques like system enumeration and persistence ?? Detect command-and-control (C2) communication ?? Analyze system logs and identify malicious activity Perfect for anyone looking to enhance their Memory & Disk Forensic skills! #Cybersecurity #Infosec #ThreatDetection #MalwareAnalysis #C2Framework #ThreatHunting #SecurityLabs #BlueTeam #CyberAwareness #DFIR #MemoryForensic #Forensic