If two UEFI rootkits battle to perform / prevent an action, what determines which side can succeed? [closed]

Let’s take a very simple defense goal. I’m a UEFI DXE Driver and my only goal is to prevent a 100GB file located at C:\sacred
from being deleted or overwritten by the system under any circumstances. My opponent (also a UEFI DXE Driver, so…

Are there any existing JTAG (hardware debugging) based malware detection systems, and if not, why?

JTAG

System software debug support is for many software developers the main reason to be interested in JTAG. Many silicon architectures such as PowerPC, MIPS, ARM, x86 built an entire software debug, instruction tracing, and data tracing …

Has exploitation been demonstrated against the fundamental constructs of the debugging process?

I’m curious to know if an attacker can fundamentally exploit the debugging process.
I’m not asking if specific debugging tools have been exploitable, surely some have, but rather whether the process of debugging – any and perhaps every deb…

Is there a way to record CPU operations for a given process as they occur in a standard, production OS environment?

Doing malware analysis I’m interested in being able to log every instruction the CPU executes for a given process. I was hoping this was perhaps possible in a standard VM environment, even if not possible in a bare-metal execution scenario…
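One way to get an instruction-level log of a single process on a stock Linux system, whether in a VM or on bare metal, is to single-step it with ptrace: the tracer forks, the child requests tracing and execs the target, and the tracer then resumes it one instruction at a time, reading the program counter at each stop. The block below is an added example written for this page, not code from the question or any answer to it; it assumes Linux, and prints the instruction pointer only on x86_64 (on other architectures it just counts). Only user-mode instructions are observed (time spent in the kernel is invisible), the target runs orders of magnitude slower than native, and an anti-analysis sample can notice the debugger (for example, a second PTRACE_TRACEME in the target will fail).

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/user.h>
#include <sys/wait.h>

/*
 * Fork, exec argv[0] under ptrace and single-step it to completion.
 * Returns the number of user-mode instructions stepped, printing the
 * instruction pointer for the first `log_limit` of them (x86_64 only).
 * Returns 0 if the child could not be traced, -1 on fork/wait failure.
 */
long trace_instructions(char *const argv[], long log_limit)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;

    if (pid == 0) {
        /* Child: ask to be traced, then exec the target. The kernel stops
         * the child with SIGTRAP as soon as the exec succeeds. */
        ptrace(PTRACE_TRACEME, 0, NULL, NULL);
        execvp(argv[0], argv);
        _exit(127);
    }

    int status;
    long count = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;

    /* Each iteration: log where we are, run exactly one instruction,
     * wait for the resulting stop. The loop ends when the child exits. */
    while (WIFSTOPPED(status)) {
#if defined(__x86_64__)
        struct user_regs_struct regs;
        if (count < log_limit &&
            ptrace(PTRACE_GETREGS, pid, NULL, &regs) == 0)
            printf("%06ld rip=0x%llx\n", count,
                   (unsigned long long)regs.rip);
#endif
        count++;
        /* Signal 0: the stop is our own SIGTRAP, nothing to deliver. */
        if (ptrace(PTRACE_SINGLESTEP, pid, NULL, NULL) < 0)
            break;
        if (waitpid(pid, &status, 0) < 0)
            break;
    }
    return count;
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s program [args...]\n", argv[0]);
        return 2;
    }
    long n = trace_instructions(argv + 1, 20);
    printf("%ld user-mode instructions single-stepped\n", n);
    return n > 0 ? 0 : 1;
}
```

Even `/bin/true` yields thousands of steps because the dynamic loader runs before `main`; for a real sample, redirect the log to a file and post-process it rather than reading it live, and expect a count of zero if the environment forbids ptrace (many hardened containers do).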

Android/SMSFlooder.Agent.DN (variant) – Unresolved detection by eset mobile security [closed]

I’m a user of ESET Mobile Security. Yesterday I came to see that ESET is showing more than 140 detections on my mobile all of a sudden.
The detection name is
Android/SMSFlooder.Agent.DN (variant)
The detected apps include my apps t…