Ezuri: Regenerating a different kind of target. [Research Saturday]

FromCyberWire Daily

Start listening View podcast show

Ezuri: Regenerating a different kind of target. [Research Saturday]

FromCyberWire Daily

ratings:

Length:

19 minutes

Released:

Apr 3, 2021

Format:

Podcast episode

Description

Guests Fernando Martinez and Tom Hegel from AT&T Alien Labs join Dave to discuss their team's research "Malware using new Ezuri memory loader." Multiple threat actors have recently started using a Go language (Golang) tool to act as a packer and avoid Antivirus detection. Additionally, the Ezuri memory loader tool acts as a malware loader and executes its payload in memory, without writing the file to disk. While this technique is known and commonly used by Windows malware, it is less popular in Linux environments.
The research can be found here:
Malware using new Ezuri memory loader

Released:

Apr 3, 2021

Format:

Podcast episode

More Episodes from CyberWire Daily

Skip carousel

Bonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us by Eugene Spafford, Leigh Metcalf, Josiah Dykstra and Illustrated by Pattie Spafford. [CSOP] by CyberWire Daily
16 min listen
Charting the course: Biden's blueprint for global cybersecurity. by CyberWire Daily
33 min listen
Bonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Tracers in the Dark by Andy Greenberg. [CSOP] by CyberWire Daily
18 min listen
Encore: Elizabeth Wharton: Strong shoulders for someone else to stand on. [Legal] [Career Notes] by CyberWire Daily
7 min listen
Geopolitical tensions rise with China. [Research Saturday] by CyberWire Daily
35 min listen
Ransomware attack turns legal attack. by CyberWire Daily
40 min listen
Dropbox sign breach exposes secrets. by CyberWire Daily
41 min listen
Retirement plan breach shakes financial giant. by CyberWire Daily
40 min listen
Ransomware is just a prescription for chaos. by CyberWire Daily
31 min listen
An unprecedented surge in credential stuffing. by CyberWire Daily
32 min listen
Encore: Jack Rhysider: Get your experience points in everything. [Media] [Career Notes] by CyberWire Daily
8 min listen
Cerber ransomware strikes Linux. [Research Saturday] by CyberWire Daily
16 min listen
Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3) [Special Edition] by CyberWire Daily
55 min listen
Kaiser Permanente's privacy predicament. by CyberWire Daily
29 min listen
The shadowy adversary in Cisco's crosshairs. by CyberWire Daily
30 min listen
Iran's covert cyber operations exposed. by CyberWire Daily
42 min listen
Visa crackdown against spyware swindlers. by CyberWire Daily
36 min listen
Renewed surveillance sparks controversy. by CyberWire Daily
36 min listen
Cloud Architect vs Detection Engineer: Mutual benefit. [CyberWire-X] by CyberWire Daily
18 min listen
Encore: Kiersten Todt: problem solving and building solutions. [Policy] [Career Notes] by CyberWire Daily
7 min listen
The art of information gathering. [Research Saturday] by CyberWire Daily
32 min listen
Swift responses to cyberattacks. by CyberWire Daily
31 min listen
Cyber Talent Insights: Charting your path in cybersecurity. (Part 2 of 3) [Special Edition] by CyberWire Daily
53 min listen
From phishing to felony. by CyberWire Daily
34 min listen
The rebirth of Russia's cyber warfare. by CyberWire Daily
32 min listen
Weathering the phishing front. by CyberWire Daily
36 min listen
Hunting vulnerabilities. by CyberWire Daily
32 min listen
AWS in Orbit: Extending the resilient edge to space. [T-Minus AWS in Orbit]: We speak to AWS Aerospace and Satellite, and Iridium about extending the resilient edge to space. by CyberWire Daily
25 min listen
Encore: Stu Sjouwerman: Trying for a win, win, win game. [CEO] [Career Notes] by CyberWire Daily
6 min listen
AWS in Orbit: Building a resilient outernet. [T-Minus AWS in Orbit]: We speak to AWS Aerospace and Satellite, and Rivada Space Networks about enabling secure point-to-point global connectivity, and the opportunities of establishing a low-latency optical-link communication mesh network in low earth orbit. by CyberWire Daily
22 min listen

Related podcast episodes

Skip carousel

The power behind artificial intelligence. [Research Saturday] by CyberWire Daily
19 min listen
Lebal malware phishes for victims. [Research Saturday]: Lebal malware phishes for victims by CyberWire Daily
18 min listen
Technado, Ep. 244: Real Defense's Gary Guseinov by Technado
47 min listen
December 22, 2020: Attackers staged a dry-run against SolarWinds in October 2019 NSO Group spyware reportedly used against journalists CIA agents exposed with stolen data Thanks to our sponsor ReversingLabs Open source packages from repos such as PyPI, npm, RubyGems and... by Cyber Security Headlines
7 min listen
PSW #782 - Kaitlyn Handelman: STM32 boards, soldering, decapping chips, RTOS development, lasers, multiple flippers and for what you ask? So I can be alerted about a device I already know is there. The Flipper Zero attracted the attention of news outlets and hackers alike as... by Security Weekly Podcast Network (Audio)
175 min listen
Episode 293: JSJ 290: Open Source Software with Dirk Hohndel - VMWare Chief Open Source Officer by JavaScript Jabber
74 min listen
312: Why Package Managers: The UNIX Philosophy in 2019, why use package managers, touchpad interrupted, Porting wine to amd64 on NetBSD second evaluation report, Enhancing Syzkaller Support for NetBSD, all about the Pinebook Pro, killing a process and all of its descendants, fast software the best software, and more. by BSD Now
72 min listen
288: Turing Complete Sed: Software will never fix Spectre-type bugs, a proof that sed is Turing complete, managed jails using Bastille, new version of netdata, using grep with /dev/null, using GMail with mutt, and more. by BSD Now
59 min listen
Malware in pirated Windows installation files. [Research Saturday] by CyberWire Daily
14 min listen
Late Night Linux – Episode 235: The pros and cons of working on open source software, streaming your Android screen to desktop Linux, a Hacker News alternative, stabilizing video, an ESP32-based open hardware watch, a ludicrously expensive router, by Late Night Linux
33 min listen
Late Night Linux – Episode 235: The pros and cons of working on open source software, streaming your Android screen to desktop Linux, a Hacker News alternative, stabilizing video, an ESP32-based open hardware watch, a ludicrously expensive router, by Late Night Linux Family All Episodes
33 min listen
784: Semmle - The New Method of Code Analysis: Semmle. - Securing software, together: developers, security researchers and the community. by The Tech Talks Daily Podcast
17 min listen
066 Securing Your Firmware: 066 Securing Your Firmware by Inside Security Intelligence
42 min listen
A set of new tools can decrypt files locked by Stop, a highly active ransomware by TechCrunch Industry News
6 min listen
Minimum Safe Distance - ASW #148: We start with the article about "Researchers Secretly Tried To Add Vulnerabilities to Linux Kernel, Ended Up Getting Banned" and explore its range of issues from ethics to securing huge, distributed software projects. It's hardly novel to point out... by Security Weekly Podcast Network (Audio)
73 min listen
Modern Code Generation with Jordan Adler: Jordan Adler is Head of Developer Engineering at OneSignal and has a deep interest in code generation. He has helped migrate large systems from Python 2 or Python 3 using code generation and code transformation. Using tools like Yellicode, Python Future, and others, Jordan's team has been able to accelerate software development. We'll also talk about OpenAPI-generator, a tool that takes OpenAPI/Swagger and generates idiomatic SDKs in any language. by Hanselminutes with Scott Hanselman
35 min listen
DNS Hijacking - Fredrik Nordberg Almroth - ESW #214: Fredrik Nordberg Almroth, Security Researcher at Detectify, tells the story of how he managed to claim the top-level domain of an entire country - the Congo (DRC), .cd - before any bad actors could snatch it up. He will also discuss domain takeovers... by Security Weekly Podcast Network (Video)
18 min listen
DNS Hijacking - Fredrik Nordberg Almroth - ESW #214: Fredrik Nordberg Almroth, Security Researcher at Detectify, tells the story of how he managed to claim the top-level domain of an entire country - the Congo (DRC), .cd - before any bad actors could snatch it up. He will also discuss domain takeovers... by Enterprise Security Weekly (Video)
18 min listen
Overworked developers write vulnerable software. [Research Saturday]: Why do some developers and development teams write more secure code than others? Software is written by people, either alone or in teams. Ultimately secure code development depends on the actions and decisions taken by the people who develop the code.... by CyberWire Daily
17 min listen
Staying Ahead of Hackers: Protecting Mobile Apps & Detecting Malicious Packages - Asaf Ashkenazi, Jeff Martin - ASW #241: Learn how hackers are exploiting the trust that mobile app owners place in their customers. Hackers are increasingly modifying app code, posing as trusted customers, and infiltrating IT infrastructure. This segment is sponsored by Verimatrix. Visit... by Application Security Weekly (Video)
27 min listen
Staying Ahead of Hackers: Protecting Mobile Apps & Detecting Malicious Packages - Asaf Ashkenazi, Jeff Martin - ASW #241: Learn how hackers are exploiting the trust that mobile app owners place in their customers. Hackers are increasingly modifying app code, posing as trusted customers, and infiltrating IT infrastructure. This segment is sponsored by Verimatrix. Visit... by Security Weekly Podcast Network (Video)
27 min listen
Joker malware family: not a joke for Google Play. [Research Saturday] by CyberWire Daily
18 min listen
PSW #772 - Hal Pomeranz: Linux systems are a collection of free and Open Source software-- some packaged by your distro, some built from source. How do you verify that your upstream isn't polluted by bad actors? Segment Resources: In the Security News:... by Security Weekly Podcast Network (Audio)
157 min listen
2733: Securing the Open Source World: I sat down with Gal Elbaz, the co-founder and CTO of Oligo Security, to discuss the vulnerabilities and challenges within open-source software. Gal Elbaz, renowned for his pivotal discovery of a critical vulnerability in an open source library used... by The Tech Talks Daily Podcast
48 min listen
An in depth look on the Crytox ransomware family. [Research Saturday] by CyberWire Daily
14 min listen
Meltdown and Spectre arose from engineering for speed—most chips are affected. Bogus security apps kicked out of Google Play. Iran's Internet crackdown. Indications of a guilty plea in NSA leak case.: Meltdown and Spectre arose from engineering for speed—most chips are affected. Bogus security apps kicked out of Google Play. Iran's Internet crackdown. Indications of a guilty plea in NSA leak case. by CyberWire Daily
18 min listen
314: Swap that Space: Unix virtual memory when you have no swap space, Dsynth details on Dragonfly, Instant Workstation on FreeBSD, new servers new tech, Experimenting with streaming setups on NetBSD, NetBSD’s progress towards Steam support thanks to GSoC, and more. by BSD Now
48 min listen
Are you running what you think you're running? [Research Saturday]: Built into virtually every hardware device, firmware is lower-level software that is programmed to ensure that hardware functions properly. As software security has been significantly hardened over the past two decades, hackers have responded by... by CyberWire Daily
16 min listen
Hooked on pirated macOS applications. [Research Saturday] by CyberWire Daily
23 min listen
Rust Vulnerability Analysis and Maturity Challenges: While the of the Rust programming language can be effective in many situations, Rust’s compiler is very particular on what constitutes good software design practices. Whenever design assumptions disagree with real-world data and assumptions, there... by Software Engineering Institute (SEI) Podcast Series
37 min listen

Discover this podcast and so much more

Ezuri: Regenerating a different kind of target. [Research Saturday]

Ezuri: Regenerating a different kind of target. [Research Saturday]

Description

More Episodes from CyberWire Daily

Related podcast episodes