How an NSA researcher plans to allow everyone to guard against firmware attacks

A years-long project from researchers at the National Security Agency that could better protect machines from firmware attacks will soon be available to the public, the lead NSA researcher on the project tells CyberScoop. The project will increase security in machines essentially by placing a machine’s firmware in a container to isolate it from would-be attackers. A layer of protection is being added to the System Management Interrupt (SMI) handler — code that allows a machine to make adjustments on the hardware level — as part of the open source firmware platform Coreboot. Eugene Myers, who works in the National Security Agency’s Trusted Systems Research Group, told CyberScoop that the end product — known as an SMI Transfer Monitor with protected execution (STM-PE) — will work with x86 processors that run Coreboot. Attackers are increasingly targeting firmware in order to run malicious attacks. Just last year, the first-ever documented UEFI rootkit was deployed in the wild, according […]

The post How an NSA researcher plans to allow everyone to guard against firmware attacks appeared first on CyberScoop.

NSA’s reverse-engineering malware tool, Ghidra, to get new features to save time, boost accuracy

Just five months ago at the RSA conference, the NSA released Ghidra, a piece of open source software for reverse-engineering malware. It was an unusual move for the spy agency, and it’s sticking to its plan for regular updates — including some based on requests from the public. In the coming months, Ghidra will get support for Android binaries, according to Brian Knighton, a senior researcher for the NSA, and Chris Delikat, a cyber team lead in its Research Directorate, who previewed details of the upcoming release with CyberScoop. Knighton and Delikat are discussing their plans at a session of the Black Hat security conference in Las Vegas Thursday. Before the Android support arrives, a version 9.1 will include new features intended to save time for users and boost accuracy in reverse-engineering malware — enhancements that will come from features such as processor modules, new support for system calls and the ability to conduct additional editing, known as sleigh editing, in the Eclipse […]

The post NSA’s reverse-engineering malware tool, Ghidra, to get new features to save time, boost accuracy appeared first on CyberScoop.

Shadowhammer, WPA3, and Alexa is Listening: This Week in Computer Security

Let’s get caught up on computer security news! The big news is Shadowhammer — The Asus Live Update Utility prompted users to download an update that lacked any description or changelog. People thought it was odd, but the update was properly signed by Asus, and antivirus scans reported it as …

Pano Logic FPGA Hacking Just Got Easier

When Pano Logic went out of business in 2012, their line of unique FPGA-based thin clients suddenly became a burden that IT departments didn’t want anything to do with. New and used units flooded the second-hand market, and for a while you could pick these interesting gadgets up for not …

Financial Apps are Ripe for Exploit via Reverse Engineering

White hat hacker reverse engineers financial apps and finds a treasure trove of security issues.

Flaw in NSA’s GHIDRA leads to remote code execution attacks

By Waqas
GHIDRA is NSA’s reverse engineering tool released earlier this month. Earlier this month, Hackread.com posted about the National Security Agency’s (NSA) publicly releasing its decompiler and disassembler tool GHIDRA and make it open-sour…

Spoiler, Use-After-Free, and Ghidra: This Week in Computer Security

The past few days have been busy if you’re trying to keep up with the pace of computer security news. Between a serious Chromium bug that’s actively being exploited on Windows 7 systems, the NSA releasing one of their tools as an open source project, and a new Spectre-like speculative …

NSA might shut down phone snooping program, whatever that means

We’ve heard this tale before. This time, it was mentioned by a congressional aide. Also, the NSA released Ghidra, a free reverse-engineering tool.