SECRET

malware

Book Review: Using Science in CyberSecurity

In this post, I present my impressions of this book I recently read. Why Am I Reading It? To start, I think it’s important to give some context, as things cannot be interpreted absolutely. In the book’s preface, the authors state that the book is targeting a wide audience, from Read more…

By Marcus Botacin, 1 year ago
malware

From CobaltStrike detection ideas to SECRET papers

The other day I was watching this video (link and player below) about ideas on how to detect injection attacks via CobaltStrike, which is such a powerful offensive testing solution. I realized that many of the ideas presented in the video somehow relate to SECRET papers; here I explain how. The Read more…

By SECRET, 2 years ago
malware

Thoughts on Solarwinds’ samples

In case you are a security professional, you likely already know about the Solarwinds hacking case. In case you aren’t, you can check it here. In brief, their software was backdoored and distributed to many customers. Here are our thoughts about the case and the associated payloads. An important Read more…

By SECRET, 2 years ago
malware

A Ransomware has landed! @Embraer

Another day, another ransomware! It seems Brazil has been facing a ransomware wave and this time Embraer, the Brazilian aircraft manufacturer, was the target (check the news here). Here goes our brief analysis. The file said to have attacked Embraer is available in our sandbox solution (link here). It is a Read more…

By SECRET, 2 years ago
malware

Brazilian Justice Court Ransomware: Another piece in the Puzzle

We have previously analyzed a malware sample claimed to have attacked the Brazilian Justice Court (check here). After that, a new payload arrived. It is a Windows malware sample, available on VirusTotal (check here), so we are not sure what its relation is with the previous Linux one. Anyway, let’s analyze Read more…

By SECRET, 2 years ago
malware

A Ransomware in a Brazilian Justice Court

Yesterday, the world got the news that the Brazilian Supreme Justice Court was the target of a ransomware attack, and had all of their data (and backup) encrypted (check here). What really motivated this attack is still unclear, and several questions arise: Was it performed by a cyber criminal? A Read more…

By SECRET, 2 years ago
competition

Adversarial Malware in Machine Learning Detectors: Our MLSEC 2020’s SECRETs

If you read any of the SECRET papers, it is not a SECRET for you that using Machine Learning (ML) to detect malware is a challenging endeavor. In one of these papers, we presented the results of our participation in a machine learning-based malware detection evasion challenge dating back to 2019. Read more…

By Fabrício Ceschin and Marcus Botacin, 2 years ago
malware

An Obfuscation Tour

Obfuscation is often used by malware samples to hide their SECRETs, but we know how to uncover them. Want to know as well? Check our guide here.

By Marcus Botacin, 3 years2 years ago
Informatics Department (DInf) - UFPR
© 2023 SECRET - SECurity & Reverse Engineering Team laboratory