Malware Research

April 05, 2017
Reverse Engineering Malware 101 Workshop
Posted By:
Categories :

Reverse engineering already sounds like black magic, when in reality it simply entails lots of practice and strong foundations in computer science concepts. Think of it like learning a new language. First, you must know the building blocks to a sentence, and then keep practicing until you can speak fluently. Reverse engineering works the same way. Malware analysts and researchers use reverse engineering as a tool to understand the behavior of the malware sample in order to detect, prevent, or get rid of it.

March 23, 2017
Protecting Against Shamoon 2 and Stonedrill: In the Crossfire of Geopolitics and Wiper Malware

At the end of January, Saudi Arabia’s telecom authority issued an alert warning about Shamoon 2, a wiper malware that hit several organizations, including three government agencies and four private sector companies.

March 06, 2017
Dropping AtomBombs: Detecting DridexV4 in the Wild

Banking trojans have been around for years, but gained greater visibility in 2015 and into 2016 as they moved from targeting European banks to American banks. We previously discussed the Odinaff banking trojan, which was responsible for the SWIFT attacks, and the theft of close to $1 billion.

February 21, 2017
Lessons from the Trenches: Obfuscation and Pattern Recognition
Posted By:
Categories :

Code deobfuscation and pattern recognition are as much an art as a science. In the past, we’ve talked about automating many aspects of proactive detection, such as through delta analysis, scripts, or crawling the web for exploits.

February 09, 2017
World, Meet MalwareScore

Sharing ideas, tools, and techniques among our community of defenders makes everyone sharper and safer.

Endgame Machine Learning Engine Featured in VirusTotal

Signature-Less Endpoint Prevention and Detection Proven to Anticipate Latest Attacker Innovations

February 08, 2017
Endgame and Morphick: Closing the Gap in Advanced Cyber Threat Response

In my recently released book Facing Cyber Threats Head On, I spend a lot of time discussing how contemporary cyber security is just as much about stopping people (the attackers) as it is about stopping malware.  When you look at it, stopping people is a different problem and requires a different approach than stopping malware.  At the end of the day, people create and adjust strategies based on what they experience.  Computer programs do not.

Endgame Leapfrogs EDR Incumbents; Dramatically Expanding Preventions and Detections to Stop Zero Days, Malwareless Attacks, and Ransomware

Platform updates solve for industry failures by offering the only end-to-end EDR solution that instantly immobilizes attackers in time to prevent damage and loss 

Endgame Announces Artemis: ‘Siri for Security’ to Transform SOC Operations

AI-powered chatbot bolsters security analysts to accelerate attack detection and response 

January 17, 2017
Dude! Where's my Ransomware?: A Flare-On Challenge
Posted By:
Categories :

There are many tricks to the tradecraft when analyzing unknown binaries, and it requires constant honing of skills to stay on top of the latest malware and campaigns. Solving reverse-engineering challenges is one way to keep your skills sharp. In our previous post, we discussed some tips from the Flare-On Challenge.