The Latest in IT Security

Posts Tagged ‘stack’

In the McAfee Labs blog we have covered many techniques that malware uses to evade code-based detection. In my previous blog I discussed procedure prologue and procedure epilogue techniques to evade security systems. We recently came across one more set of fake-alert samples that use a different technique to evade detection. This technique is related […]

Read more ...

Recently we experimented with our generic unpacking heuristics. Our goal was to unpack a potentially malicious binary and dump the executable from memory to a file. During our experiments we saw a few unknown packers from which we successfully unpacked the binary; with these, however, we dumped the memory but we missed some code in […]

Read more ...

A low level file system driver was bundled with the latest version of Backdoor.Proxybox named “rxsupply”. The malicious driver was designed to deny access to the files used by the malware in order to improve persistence on compromised computers. The driver functionality and methods used for hooking kernel file system access are described below. Figure 1. […]

Read more ...


Categories

SATURDAY, OCTOBER 16, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments