I am an avid user of binwalk since it automates the initial reverse engineering work. It identifies the compression if any, and file format of a given firmware fairly easily once you take care of the false positives. Last week I built a virtual machine (VM) using a minimal install of Xubuntu Linux. My last […]
It’s often surprising how many malware programmers forget to do the simplest things. Mostly because many are so concerned with functionality, stealthiness and other production concerns, that details slip easily of their minds – a clear advantage to forensics. One of these details is the Program DataBase (PDB) information added by Visual Studio, which most malware authors used for Windows development. While it may seem innocuous, this string reveals a lot about the operating system used by the author, its user name and most notably, symbols that can be used by IDA and ease understanding of the disassembly.
The European Network and Information Security Agency (ENISA) release a paper about general vulnerabilities that is affecting or will affect mobile communications. The organization surveyed experts via different medias to gather concerns from the industry about the future of wireless communications. The document discusses security issues about three different types of devices, each using wireless […]