This is an announcement for the upcoming Cysinfo cyber security community meetup on 17th September 2016 in Bangalore, India. This meet is completely free and doesn’t require any registration or any other formalities to attend. The meet will start at 9:30 AM IST. [jtrt_tables id=”4310″] Venue: Amrita University (Amrita Vishwa Vidyapeetham) Bengaluru Campus Kasavanahalli, Carmelaram P.O. […]
In late December a cyber attack caused power outage for few hours in the Ivano-Frankivsk region in Ukraine as mentioned here. Threat researchers from ESET linked this attack to a malware called “BlackEnergy” which attacked electricity distribution companies in Ukraine. This blog post contains the memory analysis details of BlackEnergy big dropper (SHA-1:896FCACFF6310BBE5335677E99E4C3D370F73D96) mentioned in […]
A number of devices are running Linux due to its flexibility and open source nature. This has made Linux platform the target for malware attacks, so it becomes important to analyze the Linux malwares. Today, there is a need to analyze Linux malwares in an automated way to understand its capabilities. Limon is a sandbox […]
A number of devices are running Linux due to its flexibility and open source nature. This has made Linux platform the target for malware attacks, so it becomes important to analyze the Linux malwares. Today, there is a need to analyze Linux malwares in an automated way to understand its capabilities. Limon is a sandbox […]
Many times while doing memory analysis (or malware analysis) an analyst would be presented with lots of data and analyst has to manually find the malicious artifacts from that data which takes time and effort. This tool helps in solving that problem by comparing the results between the clean and infected memory images. This tool […]
Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools. Limon […]
In this meet, Adarsh Agarwal delivered presentation on “Understanding Cryptolocker (Ransomware) with a Case study”, Satyam Saxena covered the topic on “Malicious Client Detection using Machine Learning”, Abhinav Chourasia presented on “Buffer Overflow Attacks”, Anirudh Duggal presented on “Fingerprinting Healthcare Institutions” and Monnappa K A presented on the topic “Reversing and Investigating Malware Evasive Tactics […]
In this presentation, Monnappa explained the concept of code injection and hollow process injection. He demonstrated the working of hollow process injection using reverse engineering and showed how such infections can be detected and investigated using memory forensics Presentation: Demo 1 – Understanding Hollow Process Injection Using Reverse Engineering: Demo 2 – Investigating […]
In this presentation, Anirudh Duggal covered the techniques used to fingerprint vulnerable hospitals and healthcare infrastructure using web based tools. He also explained the potential attack points and the measures that can be taken to secure such infrastructure. Presentation:
In this presentation, Abhinav chourasia covered the concept of Buffer Overflow and he also demonstrated how one can exploit a vulnerable application and take control of a system and execute arbitrary commands on the system Presentation: