http://sei.cmu.edu/feeds/tag/Updates on changes and additions to the SEI Blog for posts matching Malware Analysisen-usMon, 19 Sep 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/using-alternate-data-streams-in-the-collection-and-exfiltration-of-data/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn this blog post, we describe how attackers obscure their activity via alternate data streams (ADSs) and how to defend against malware attacks that employ ADSs.Dustin Updyke, Molly JaconskiMon, 19 Sep 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/using-alternate-data-streams-in-the-collection-and-exfiltration-of-data/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesVulnerability AnalysisVulnerability DiscoveryVulnerability MitigationMalware AnalysisMalwarehttps://www.sei.cmu.edu/blog/vulnerabilities-everybodys-got-one/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn this post, Leigh Metcalf describes how she pulled data from the malvuln project to explore recent vulnerabilities in both malware and non-malware to study the differences.Leigh MetcalfWed, 16 Jun 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/vulnerabilities-everybodys-got-one/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCERT/CC VulnerabilitiesVulnerability AnalysisMalware AnalysisMalwarehttps://www.sei.cmu.edu/blog/snake-ransomware-analysis-updates/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn January 2020, Sentinel Labs published two reports on Snake (also known as Ekans) ransomware.[1][2] The Snake ransomware gained attention due to its ability to terminate specific industrial control system (ICS) processes....Kyle O'MearaMon, 23 Mar 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/snake-ransomware-analysis-updates/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalware AnalysisSecurity VulnerabilitiesCERT/CChttps://www.sei.cmu.edu/blog/path-finding-in-malicious-binaries-first-in-a-series/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn a previous post, I discussed the Pharos Binary Analysis Framework and tools to support reverse engineering of binaries with a focus on malicious code analysis. Recall that Pharos is....Jeff GennariMon, 10 Dec 2018 00:00:00 -0500https://www.sei.cmu.edu/blog/path-finding-in-malicious-binaries-first-in-a-series/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesReverse Engineering for Malware AnalysisMalware AnalysisCyber MissionsMalwarehttps://www.sei.cmu.edu/blog/prioritizing-malware-analysis/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn early 2012, a backdoor Trojan malware named Flame was discovered in the wild. When fully deployed, Flame proved very hard for malware researchers to analyze....José MoralesMon, 04 Nov 2013 00:00:00 -0500https://www.sei.cmu.edu/blog/prioritizing-malware-analysis/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesVulnerability AnalysisSecurity VulnerabilitiesMalware AnalysisMalwareCERT/CChttps://www.sei.cmu.edu/blog/how-ontologies-can-help-build-a-science-of-cybersecurity/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesExplore how ontologies can contribute to building a science of cybersecurity in this SEI Blog post.David Mundie, The CERT Insider Threat CenterTue, 12 Mar 2013 00:00:00 -0400https://www.sei.cmu.edu/blog/how-ontologies-can-help-build-a-science-of-cybersecurity/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalware AnalysisInsider Threathttps://www.sei.cmu.edu/blog/study-of-malicious-domain-names-tld-distribution/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesHello, folks. This post comes to you courtesy of Aaron Shelmire from the Network Situational Awareness team....Chad DoughertyTue, 31 Aug 2010 00:00:00 -0400https://www.sei.cmu.edu/blog/study-of-malicious-domain-names-tld-distribution/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesVulnerability AnalysisSecurity VulnerabilitiesNetwork Situational AwarenessMalware AnalysisCERT/CChttps://www.sei.cmu.edu/blog/top-10-top-level-and-second-level-domains-found-in-malicious-software/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesHello folks. This post comes to you courtesy of Ed Stoner and Aaron Shelmire from the Network Situational Awareness group at CERT....Chad DoughertyFri, 05 Mar 2010 00:00:00 -0500https://www.sei.cmu.edu/blog/top-10-top-level-and-second-level-domains-found-in-malicious-software/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalware AnalysisVulnerability AnalysisSecurity VulnerabilitiesCERT/CC