The Latest in IT Security

Dissecting Flash with EASE

07
Oct
2011

EASE stands for Experimental ActionScript Emulator, and besides being a pun of debatable quality, it is the in-house tool we at FortiGuard use to analyse malicious Flash samples, unpack obfuscated code (if applicable), and automatically detect heap spraying and JIT spraying (two techniques essential to bypass DEP/ASLR when exploiting a vulnerability).

Adobe Flash being nearly ubiquitous today, this is quite a useful tool for analysts and security researchers alike. Now for the bad news, which actually lays in its very name: It’s experimental. But we have good news to balance that: FortiGuard researcher Bing Liu will detail EASE and demo it tomorrow at VirusBulletin 2011, in Barcelona.

So, if you are interested in Flash malware or Flash exploits and you attend the conference, make sure not to miss Bing’s presentation.

And if you missed Crypto Girl‘s presentation yesterday, you can still catch her around the conference – she’s quite easy to spot with her superhero costume.

Leave a reply


Categories

SATURDAY, MARCH 06, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments