This is a tutorial on how to reverse engineer shellcode in malware with Radare2. Spoilers! MalwareTech published a small challenge on his Twitter for reverse engineering embedded shellcode inside of the malware. I thought this was a great opportunity to write a small tutorial on how to do this with
Earlier today in the U.S. Capitol Visitor Center, the EFF convened a closed-door briefing for Senate staff about the realities of device encryption. While policymakers hear frequently from the FBI and the Department of Justice about the dangers of encryption and the Going Dark problem, they rarely hear from engineers, cryptographers,
Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could assist malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function and an outdated implementation of Windows process loader, and works on all versions of Windows OS, including Windows version 10.