Collaborate Disseminate
In the news, Intel drops plans to develop Spectre microcode for ancient chips, Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking, VirusTotal launches ‘Droidy’ sandbox to detect malicious Android apps, Facebook an… Continue reading Intel, Cisco, Facebook, & Twitter – Paul’s Security Weekly #554
Recently we called out Additional crispinness on the MacOS box of apples sandbox, continuing with our effort to improve our malware behavior analysis infrastructure we are happy to announce the deployment of a new Android sandbox that replaces the exis… Continue reading Meet VirusTotal Droidy, our new Android sandbox
Assuming that the attacker already has code execution (which is the case of every interpreter sandbox escape exploit I know of), couldn’t he just use a function/method (like Runtime.getRuntime().exec() in Java or os.system() … Continue reading What is the point of escaping an interpreter’s sandbox?
I don’t deeply understand Meltdown and Spectre — all I know is that they are basically keylogging-like vulnerabilities within the CPU, which bypass any application layer stuff; correct me if I’m wrong.
I want to know the fo… Continue reading Meltdown and Spectre regarding Firewalls and Sandboxing
If you need to install software from a third party and frequently run it on your PC, but you do not trust the software, although antivirus doesn’t rise any flags:
Is it possible to install software on Windows 10 Pro in an ‘… Continue reading How do you handle untrusted software installation / runtime?
We are going to install a sandbox solution that requires Ubuntu Server as the underlying OS (the product is not shipped as a ready to install appliance). For performance reasons the malware samples are stored on file system and not in the … Continue reading Is it secure to keep malware in filesystem of VMs?
I’m trying to learn the key differences between a sandbox used for malware analysis and a portable sandbox used by companies like Sandboxie, Crowdstrike Falcon. Are we talking about the same technologies basically?
Continue reading Differences between a full scale sandbox and a portable sandbox?
Aidan Finn walks you through the step-by-step instructions for deploying an Azure DevTest Lab in the resource group of your choice, with the virtual network of your choice.
The post Deploying Azure DevTest Labs appeared first on Petri.
I have angular 1.5, get information from a form and print it with a sandbox {{vm.name}}. I have tried to enter 1+1 in the form and got 1+1 instead of 2 in the sandbox. my guess is that it is printed into the sandbox as a st… Continue reading How can I escape a string in sandbox-angular 1.5?
I’ve been researching designing a sandbox for Windows that sandboxes web-browsers and smtp-pop programs. It’s understood that these sort of programs cannot be trusted because of the potential they have in allowing exploits to… Continue reading What would be the best method to intercept process creation – Sandbox Design for Windows