Malware Analysis
Blog Posts
Using Alternate Data Streams in the Collection and Exfiltration of Data
In this blog post, we describe how attackers obscure their activity via alternate data streams (ADSs) and how to defend against malware attacks that employ ADSs.
By Dustin D. Updyke, Molly Jaconski
In Cybersecurity Engineering
Vulnerabilities: Everybody’s Got One!
In this post, Leigh Metcalf describes how she pulled data from the malvuln project to explore recent vulnerabilities in both malware and non-malware to study the differences.
By Leigh B. Metcalf
In CERT/CC Vulnerabilities
Snake Ransomware Analysis Updates
In January 2020, Sentinel Labs published two reports on Snake (also known as Ekans) ransomware.[1][2] The Snake ransomware gained attention due to its ability to terminate specific industrial control system …
By Kyle O'Meara
In CERT/CC Vulnerabilities
Path Finding in Malicious Binaries: First in a Series
In a previous post, I discussed the Pharos Binary Analysis Framework and tools to support reverse engineering of binaries with a focus on malicious code analysis. Recall that Pharos is …
By Jeff Gennari
In Reverse Engineering for Malware Analysis
Prioritizing Malware Analysis
In early 2012, a backdoor Trojan malware named Flame was discovered in the wild. When fully deployed, Flame proved very hard for malware researchers to analyze …
By Jose A. Morales
In CERT/CC Vulnerabilities
How Ontologies Can Help Build a Science of Cybersecurity
Explore how ontologies can contribute to building a science of cybersecurity in this SEI Blog post.
By Dave Mundie, CERT Insider Threat Center
In Insider Threat
Study of Malicious Domain Names: TLD Distribution
Hello, folks. This post comes to you courtesy of Aaron Shelmire from the Network Situational Awareness team …
By Chad Dougherty
In CERT/CC Vulnerabilities
Top-10 Top Level and Second Level Domains Found in Malicious Software
Hello folks. This post comes to you courtesy of Ed Stoner and Aaron Shelmire from the Network Situational Awareness group at CERT …