This article is the second part of a series on NSA BIOS backdoor internals. This part focuses on BULLDOZER, a hardware implant that acts as a malware dropper and a wireless communication “hub” for NSA covert operations. Although BULLDOZER is hardware, I still use the word “malware” when referring to […]
A sequence of data breaches suffered by the major US retailers Target and Neiman Marcus has put Americans on alert. In total, more than a hundred million people may have been victims of cyber attacks against the POS systems in the stores of the two giants.
The attackers used […]
Two days ago one of my friends contacted me and told me that his organization was receiving suspicious-looking emails. They think that the infection was conducted via “spear phishing” emails, so I decided to take a deeper look into it.
I went there and saw an escalation not only in numbers […]
In the previous article, “Portable Malware Lab for Beginners,” I spoke about nested virtual machines, i.e., deploying a virtual machine with QEMU and Cuckoo inside it. This acts as the base system for our portable malware analysis lab.
However, malware analysis is not limited to the execution of a Windows binary; various other […]
Memory forensics is the discipline of recovering artefacts from the memory of a running computer. It is a useful method for discovering the running processes, open network connections, registry handles, kernel modules, etc. It looks rosy when you hear all […]
Malware is usually packed with custom packers, which make static and dynamic analysis difficult. Some static analysis tools do not work on packed samples because the packed binary is not in its real form; packing also defeats anti-virus programs that rely on static signature detection. […]
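The first question a packed sample raises is whether it is packed at all. The following Python script is an added example, not code from the article, showing the two heuristics an analyst typically applies before choosing an unpacking strategy: packer-style section names and per-section Shannon entropy (compressed or encrypted payloads sit near 8 bits per byte, ordinary code and data well below). It walks the PE section table with a minimal hand-written parser so it needs no third-party module, and it builds its own two tiny, constructed PE images (not real malware, not loadable) to exercise the check. The threshold of 7.0 bits and the list of packer section names are assumptions for illustration, not an exhaustive signature set.

```python
import hashlib
import math
import struct
from collections import Counter

# Section names that well-known packers leave behind (assumed, non-exhaustive list).
PACKER_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", ".aspack", ".petite", ".MPRESS1", ".MPRESS2"}
HIGH_ENTROPY = 7.0       # bits per byte; compressed/encrypted data sits near 8.0 (assumed threshold)
MIN_SECTION_BYTES = 256  # ignore tiny sections, whose entropy estimate is too noisy to trust


def shannon_entropy(buf):
    """Bits of entropy per byte of buf (0.0 for an empty buffer)."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def pe_sections(data):
    """Minimal PE section-table walk: yields (name, raw_bytes) for each section."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file: missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature at e_lfanew")
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    table = e_lfanew + 4 + 20 + opt_size
    for i in range(nsec):
        # IMAGE_SECTION_HEADER prefix: Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData
        name, _vsize, _va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        yield name.rstrip(b"\0").decode("ascii", "replace"), data[raw_ptr:raw_ptr + raw_size]


def packing_indicators(data):
    """Return human-readable reasons the sample looks packed (empty list if none)."""
    reasons = []
    for name, raw in pe_sections(data):
        if name in PACKER_SECTION_NAMES:
            reasons.append(f"section {name!r} is named like a packer stub")
        if len(raw) >= MIN_SECTION_BYTES:
            ent = shannon_entropy(raw)
            if ent >= HIGH_ENTROPY:
                reasons.append(f"section {name!r} has entropy {ent:.2f} >= {HIGH_ENTROPY}")
    return reasons


def looks_packed(data):
    return bool(packing_indicators(data))


# --- constructed fixtures (not real malware): a tiny PE builder -------------------

def build_pe(sections):
    """Build a minimal MZ/PE image with the given [(name, raw_bytes)] sections.
    It has no optional header and is not loadable; it only exercises the parser."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x0102)
    raw_ptr = e_lfanew + 4 + 20 + 40 * len(sections)  # raw data follows the section table
    table, raw = b"", b""
    for name, body in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode(), len(body), 0x1000,
                             len(body), raw_ptr, 0, 0, 0, 0, 0x60000020)
        raw += body
        raw_ptr += len(body)
    return dos + b"PE\0\0" + coff + table + raw


def pseudo_random_bytes(n, seed=b"packed payload"):
    """Deterministic high-entropy bytes standing in for a compressed/encrypted payload."""
    out, h = bytearray(), seed
    while len(out) < n:
        h = hashlib.sha256(h).digest()
        out += h
    return bytes(out[:n])


# Looks like ordinary compiled code and strings: a repeated x86 prologue/epilogue and text.
UNPACKED_SAMPLE = build_pe([
    (".text", b"\x55\x8b\xec\x83\xec\x10\x5d\xc3" * 512),
    (".data", b"Hello from a boring program\0" * 64),
])

# Typical UPX layout: an empty UPX0 (filled at run time) and a UPX1 holding the compressed image.
PACKED_SAMPLE = build_pe([
    ("UPX0", b""),
    ("UPX1", pseudo_random_bytes(4096)),
])

if __name__ == "__main__":
    for label, sample in (("unpacked", UNPACKED_SAMPLE), ("packed", PACKED_SAMPLE)):
        print(label, "->", packing_indicators(sample) or ["no packing indicators"])
```

Both heuristics are only indicators: a custom packer can use innocuous section names, and a legitimate binary that embeds compressed resources will also show a high-entropy section, so a hit means "unpack before static analysis", not "malicious".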