IEEE

Evasion of Deep Learning Malware Detection via Adversarial Selective Obfuscation

Abstract: In this work, we present a novel approach for generating adversarial attacks on malware classification systems that rely on image-based representations of binary executables. Our method ...
GitHub

ZYPE: Your Payload Encryptor

In the following example, I will use MSFvenom to generate a Windows shellcode to execute calc.exe and use ZYPE to do the IPv6 obfuscation. Let's first generate the shellcode. This will generate the ...
Fox News

Fake Windows update pushes malware in new ClickFix attack

Cybercriminals keep getting better at blending into the software you use every day. Over the past few years, we've seen phishing pages that copy banking portals, fake browser alerts that claim your ...
FOX 24 News

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.
IEEE

Malware Detection in Docker Containers: An Image is Worth a Thousand Logs

Abstract: Malware detection is increasingly challenged by evolving techniques like obfuscation and polymorphism, limiting the effectiveness of traditional methods. Meanwhile, the widespread adoption ...
The Hacker News

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes. According to a report ...
The Hacker News

Search results for Cipher's Playful Decode | Breaking Cybersecurity News | The Hacker News

Get the latest news, expert insights, exclusive resources, and strategies from industry leaders – all for free.
Infosecurity-magazine.com

ClickFix Social Engineering Sparks Rise of CastleLoader Attacks

A new malware campaign using a Python-based delivery chain to deploy the emerging CastleLoader family has been discovered by cybersecurity researchers. According to Blackpoint, the activity revolves ...
Forbes

If This Google Play Store App Is On Your Phone, Delete It Now

Whisper it quietly, but while warning after warning urges Android users only to install apps from Google’s official Play Store, some of those apps are still as dangerous as sideloading. More ...
Dark Reading

Packer-as-a-Service Shanya Hides Ransomware, Kills EDR

You may be familiar with ransomware-as-a-service (RaaS), but now there's also packer-as-a-service. Security vendor Sophos on Dec. 6 published research on "Shanya," a packer-as-a-service family that ...
GitHub

shellcode-protection

Advanced memory evasion PoC that cyclically encrypts shellcode and fluctuates between RW/NoAccess and RX memory protections to bypass memory scanners like Moneta and PE-Sieve.