Danie van der Merwe

7 open-source malware analysis tools you should try out

Wed, 24 Aug 2022 07:55:49 -0300

gadgeteer@hub.netzgemeinde.eu

There are two main types of malware analysis: static and dynamic.

Performing static analysis of a malicious binary means concentrating on analysing its code without executing it. This type of analysis may reveal to malware analysts not only what the malware does, but also its developer’s future intentions (e.g., currently unfinished functionalities).

Dynamic analysis looks at the behaviour of the malware when it’s run – usually in a virtual sandbox. This type of analysis should reveal the malware’s behaviour and any detection evasion techniques it uses.

Malware analysis benefits security analysts by allowing them to, among other things:
* Identify hidden indicators of compromise (IOCs).
* Boost the effectiveness of IOC notifications and warnings.
* Triage incidents according to severity.
* All the malware analysis tools listed below can be freely downloaded and used.

See 7 open-source malware analysis tools you should try out - Help Net Security

#technology #malware #opensource #security

All the open-source malware analysis tools listed in this article are highly rated, well-maintained, and can be freely downloaded and used.

technology malware security opensource

Hundreds of e-commerce sites booby-trapped with payment card-skimming malware - The hacked sites were running outdated Magento 1 e-commerce platform

Fri, 11 Feb 2022 12:09:28 -0300

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

About 500 e-commerce websites were recently found to be compromised by hackers who installed a credit card skimmer that surreptitiously stole sensitive data when visitors attempted to make a purchase.

“The Natural Fresh skimmer shows a fake payment popup, defeating the security of a (PCI compliant) hosted payment form,” firm researchers wrote on Twitter. “Payments are sent to https://naturalfreshmall[.]com/payment/Payment.php.”

If your credit card company provides single use, or pausable, virtual cards, it is well worth the effort to make use of those. You can use a virtual card once, and then delete it. This is especially necessary on foreign, or never before used, sites. For regular payments, I've set up a separate virtual card with a tight monthly limit.

See Hundreds of e-commerce sites booby-trapped with payment card-skimming malware

#technology #ecommerce #malware #fraud #security

Magecart hackers strike again.

technology fraud security malware ecommerce

New SysJoker backdoor targets Windows, macOS, and Linux, providing advanced backdoor capabilities

Sat, 15 Jan 2022 11:51:35 -0300

Danie van der Merwe

gadgeteer@hub.netzgemeinde.eu

A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. The malware is written in C++, and while each variant is tailored for the targeted operating system, they are all undetected on VirusTotal, an online malware scanning site that uses 57 different antivirus detection engines.

The discovery of the new malware comes from researchers at Intezer who first saw signs of its activity in December 2021 after investigating an attack on a Linux-based web server.

The security analysts have now published a detailed technical report on SysJoker, which they shared with Bleeping Computer before publication.

See New SysJoker backdoor targets Windows, macOS, and Linux

#technology #malware #sysjoker

A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems.

technology malware security