news
Security Leftovers
-
Trail of Bits ☛ Building checksec without boundaries with Checksec Anywhere
Since its original release in 2009, checksec has become widely used in the software security community, proving useful in CTF challenges, security posturing, and general binary analysis. The tool inspects executables to determine which exploit mitigations (e.g., ASLR, DEP, stack canaries, etc.) are enabled, rapidly gauging a program’s defensive hardening. This success inspired numerous spinoffs: a contemporary Go implementation, Trail of Bits’ Winchecksec for PE binaries, and various scripts targeting Apple’s Mach-O binary format. However, this created an unwieldy ecosystem where security professionals must juggle multiple tools, each with different interfaces, dependencies, and feature sets.
-
LWN ☛ Rust in Android: move fast and fix things (Google Security Blog) [Ed: Next attack target]
The Surveillance Giant Google Security Blog has a
new post on just how well the use of Rust is working out for the
Android project.
-
NVISO Labs ☛ Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery
NVISO reports a new development in the Contagious Interview campaign. The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware from trojanized code projects, with the lure being a use case or demo project as part of an interview process.
-
Scoop News Group ☛ Operation Endgame targets malware networks in global crackdown
Rhadamanthys, VenomRAT, and the Elysium botnet were targeted in the takedowns.
-
SANS ☛ Formbook Delivered Through Multiple Scripts, (Thu, Nov 13th)