Steganography enables sophisticated OceanLotus payloads. [Research Saturday]

FromCyberWire Daily

Start listening View podcast show

Steganography enables sophisticated OceanLotus payloads. [Research Saturday]

FromCyberWire Daily

ratings:

Length:

20 minutes

Released:

May 11, 2019

Format:

Podcast episode

Description

Researchers at Blackberry Cylance have been tracking payload obfuscation techniques employed by OceanLotus (APT32), specifically steganography used to hide code within seemingly benign image files.

Tom Bonner is director of threat research at Blackberry Cylance, and he joins us to share their findings.
The original research can be found here:
https://www.cylance.com/en-us/lp/threat-research-and-intelligence/oceanlotus-steganography-malware-analysis-white-paper-2019.html

Released:

May 11, 2019

Format:

Podcast episode

More Episodes from CyberWire Daily

Skip carousel

Retirement plan breach shakes financial giant. by CyberWire Daily
40 min listen
Ransomware is just a prescription for chaos. by CyberWire Daily
31 min listen
An unprecedented surge in credential stuffing. by CyberWire Daily
32 min listen
Encore: Jack Rhysider: Get your experience points in everything. [Media] [Career Notes] by CyberWire Daily
8 min listen
Cerber ransomware strikes Linux. [Research Saturday] by CyberWire Daily
16 min listen
Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3) [Special Edition] by CyberWire Daily
55 min listen
Kaiser Permanente's privacy predicament. by CyberWire Daily
29 min listen
The shadowy adversary in Cisco's crosshairs. by CyberWire Daily
30 min listen
Iran's covert cyber operations exposed. by CyberWire Daily
42 min listen
Visa crackdown against spyware swindlers. by CyberWire Daily
36 min listen
Renewed surveillance sparks controversy. by CyberWire Daily
36 min listen
Cloud Architect vs Detection Engineer: Mutual benefit. [CyberWire-X] by CyberWire Daily
18 min listen
Encore: Kiersten Todt: problem solving and building solutions. [Policy] [Career Notes] by CyberWire Daily
7 min listen
The art of information gathering. [Research Saturday] by CyberWire Daily
32 min listen
Cyber Talent Insights: Charting your path in cybersecurity. (Part 2 of 3) [Special Edition] by CyberWire Daily
53 min listen
Swift responses to cyberattacks. by CyberWire Daily
31 min listen
From phishing to felony. by CyberWire Daily
34 min listen
The rebirth of Russia's cyber warfare. by CyberWire Daily
32 min listen
Weathering the phishing front. by CyberWire Daily
36 min listen
Hunting vulnerabilities. by CyberWire Daily
32 min listen
AWS in Orbit: Extending the resilient edge to space. [T-Minus AWS in Orbit]: We speak to AWS Aerospace and Satellite, and Iridium about extending the resilient edge to space. by CyberWire Daily
25 min listen
Encore: Stu Sjouwerman: Trying for a win, win, win game. [CEO] [Career Notes] by CyberWire Daily
6 min listen
AWS in Orbit: Building a resilient outernet. [T-Minus AWS in Orbit]: We speak to AWS Aerospace and Satellite, and Rivada Space Networks about enabling secure point-to-point global connectivity, and the opportunities of establishing a low-latency optical-link communication mesh network in low earth orbit. by CyberWire Daily
22 min listen
Breaking down a a high-severity vulnerability in Kubernetes. [Research Saturday] by CyberWire Daily
16 min listen
Cyber Talent Insights: Navigating the landscape for enterprise organizations. (Part 1 of 3) [Special Edition] by CyberWire Daily
44 min listen
Privacy, power, and the path forward. by CyberWire Daily
31 min listen
Apple's worldwide warning on mercenary attacks. by CyberWire Daily
43 min listen
From deadlock to debate on a revised Section 702 bill. by CyberWire Daily
30 min listen
Unraveling a healthcare ransomware web. by CyberWire Daily
30 min listen
A possible breakthrough in data privacy legislation. by CyberWire Daily
32 min listen

Related podcast episodes

Skip carousel

WAV files carry malicious data payloads. [Research Saturday]: WAV files carry malicious data payloads. [Research Saturday] by CyberWire Daily
19 min listen
With Software, Hope Is A Strategy with Jonathan Knudsen: Joining us this week is Jonathan Knudsen, Head of Global Research for the CyRC, cybersecurity research center, at Synopsys Inc. To understand the vulnerability landscape in software, you have to first understand how software is made. Jonathan shares... by To The Point - Cybersecurity
25 min listen
With Software, Hope Is A Strategy with Jonathan Knudsen Part 2: Joining us this week is Jonathan Knudsen, Head of Global Research for the CyRC, cybersecurity research center, at Synopsys Inc. To understand the vulnerability landscape in software, you have to first understand how software is made. Jonathan shares... by To The Point - Cybersecurity
24 min listen
Prioritize Your Open Source Findings with James Rabon: Does your team struggle with prioritizing your security open-source findings? In , James Rabon, Director of Product Management at Micro Focus, will share an approach that can help. Discover how James’ team co-developed “susceptibility analysis,”... by TestGuild Security Testing Podcast
22 min listen
Establishing software root of trust unconditionally. [Research Saturday]: Establishing software root of trust unconditionally. [Research Saturday] by CyberWire Daily
25 min listen
Clipminer: Making millions off of malware. [Research Saturday] by CyberWire Daily
16 min listen
135: The D.R. Incident: The D.R. Incident by Darknet Diaries
45 min listen
December 15, 2020: SolarWinds Orion carrying malware Multiple US agencies impacted by SolarWinds supply-chain attack New EU data use legislation could lead to big tech fines Thanks to our sponsor ReversingLabs Cybersecurity staffing shortages exceed 3 million security... by Cyber Security Headlines
6 min listen
Doubling down on Cobalt Group activity. [Research Saturday]: Doubling down on Cobalt Group activity by CyberWire Daily
22 min listen
Can ransomware turn machines against us? [Research Saturday] by CyberWire Daily
19 min listen
AI & LLMs - Josh More, Matthew Carpenter - PSW #808: What will the future bring with respect to AI and LLMs? Josh has spent some time thinking about this and brings us some great resources. We'll discuss how to get students involved with AI in a safe and ethical manner. How can we use AI to teach people... by Security Weekly Podcast Network (Audio)
179 min listen
PSW #770 - Brian Behlendorf: This week in the Security News: GetVariable strikes again, attackers could blow up your computer remotely, escaping containers, null-dereferences and faulty evaluations, 31 new CPU vulnerabilities for AMD, a look into Chrome, santa, not-so-secure... by Security Weekly Podcast Network (Audio)
168 min listen
Hooked on pirated macOS applications. [Research Saturday] by CyberWire Daily
23 min listen
Usable security is a delicate balance. [Research Saturday]: Usable security is a delicate balance. [Research Saturday] by CyberWire Daily
21 min listen
ASW #241 - Asaf Ashkenazi, Chris Eng, Jeff Martin: What happens to an app's security after six months? What about a year or two years? A Secure SDLC needs to maintain security throughout an app's lifetime, but too often the rate of new flaws can outpace the rate of new code within an app. Appsec teams... by Security Weekly Podcast Network (Audio)
68 min listen
Developing an Effective AppSec Security Program - Brendon Macaraeg - BSW #151: Brendon Macaraeg is the Sr. Director of Product Marketing of Signal Sciences. Focus on the people, processes and tools a dev team needs to put an effective security program in place. Discuss how to improve listener's current program and tooling to... by Security Weekly Podcast Network (Video)
35 min listen
Thrip espionage group lives off the land. [Research Saturday]: Thrip espionage group lives off the land. by CyberWire Daily
28 min listen
Internal Jokes - ASW #183: Security is one of the most evolving and impactful landscapes in the regulatory sphere. Proposed initiatives in the areas of Incident Response, Software and Product Assurance, Coordinated Vulnerability Disclosure (CVD), and IoT or Connected Products... by Security Weekly Podcast Network (Audio)
77 min listen
Noberus ransomware: evolving tactics. [Research Saturday] by CyberWire Daily
21 min listen
ESW #309 - Tal Morgenstern, Casey Smith: The CI/CD pipeline is the backbone of the software development process, so it's critical to ensure you are meeting and exceeding the most critical security measures. Throughout this podcast, Tal Morgenstern, Co-founder and CSO of Vulcan Cyber, will... by Security Weekly Podcast Network (Audio)
145 min listen
The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain - Pete Morgan - ESW #348: We've seen general users targeted with phishing, financial employees targeted for BEC scams, and engineers targeted for access to infrastructure. The truly scary attacks, however, are the indirect ones that are automated. The threats that come in via... by Security Weekly Podcast Network (Audio)
106 min listen
Staying Ahead of Hackers: Protecting Mobile Apps & Detecting Malicious Packages - Asaf Ashkenazi, Jeff Martin - ASW #241: Learn how hackers are exploiting the trust that mobile app owners place in their customers. Hackers are increasingly modifying app code, posing as trusted customers, and infiltrating IT infrastructure. This segment is sponsored by Verimatrix. Visit... by Security Weekly Podcast Network (Video)
27 min listen
Staying Ahead of Hackers: Protecting Mobile Apps & Detecting Malicious Packages - Asaf Ashkenazi, Jeff Martin - ASW #241: Learn how hackers are exploiting the trust that mobile app owners place in their customers. Hackers are increasingly modifying app code, posing as trusted customers, and infiltrating IT infrastructure. This segment is sponsored by Verimatrix. Visit... by Application Security Weekly (Video)
27 min listen
Developing and Using a Software Bill of Materials Framework: With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party... by Software Engineering Institute (SEI) Podcast Series
38 min listen
Vulnerability Reporting, Zyxel, GPS Spoofing - PSW #808: We navigate through dangerous cyber terrain, examining real-world examples like the WebP library and the Curl vulnerability. Critical issues in Zyxel firewalls will also be unmasked as we shed light on the urgency of improving vulnerability reporting... by Security Weekly Podcast Network (Video)
60 min listen
The Rise of the SBOM - Steve Springett - ESW #226: Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and... by Enterprise Security Weekly (Video)
32 min listen
The Rise of the SBOM - Steve Springett - ESW #226: Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and... by Security Weekly Podcast Network (Video)
32 min listen
Bug Bounties: All links and images for this episode can be found on CISO Series () What is the successful formula for a bug bounty program? Should it be run internally, by a third party, or should you open it up to the public? Or, maybe a mixture of everything?... by Defense in Depth
30 min listen
The Cloudcast #260 - Securing Container Workloads: Aaron and Brian talk with Randy Kilmon (VP of Engineering at @black_duck_sw) about the open source vulnerabilities, securing containers and managing the lifecycle of rapidly changing software. Show Links: <ul> <li>Get a<... by The Cloudcast
24 min listen
138: The Mimics of Punjab: The Mimics of Punjab by Darknet Diaries
47 min listen

Discover this podcast and so much more

Steganography enables sophisticated OceanLotus payloads. [Research Saturday]

Steganography enables sophisticated OceanLotus payloads. [Research Saturday]

Description

More Episodes from CyberWire Daily

Related podcast episodes