Writing a Malware Config Parser Using Radare2 and Ruby
Radare2 has been receiving a lot of attention lately. Rather than browsing through some of the documentation, I decided to try and port some existing code to use Radare.
Yet another new credit card dumping utility has been discovered. BernhardPOS is named after (presumably) its author, who left the build path “C:bernhardDebugbernhard.pdb” in the binary and also uses the name Bernhard in creating the mutex “OPSEC_BERNHARD”. This utility does several interesting things to evade antivirus detection, and we will walk through some of them in detail. Details about the sample, including a hash, are available at the end of this writeup.
The Home Depot breach was a very high profile case this year, which brought the security of point of sale machines into the spotlight. After some mumblings and a bunch of misinformation about who and what was behind the attack and how it came about, little pieces of information started to make their way to the surface. Several of these were reports of new malware dubbed “Mozart.”
Morphick Cyber Security, Inc