Welcome to our Cyber Security News Aggregator. Cyber Tzar provide a cyber security risk management platform, including automated penetration tests and risk assessments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Detecting Suspicious API Usage with YARA Rules, (Fri, Apr 7th)

published on 2023-04-07 05:45:16 UTC by
Content:
YARA[1] is a beautiful tool for malware researchers and incident responders. No need to present it again. It became a standard tool to add to your arsenal. While teaching FOR610 (Malware Analysis & Reverse Engineering), a student asked me how to detect specific API calls with dangerous parameters during the triage phase. This phase will help you quickly assess the malware sample and help you decide how to perform the following steps.

https://isc.sans.edu/diary/rss/29724   
Published: 2023 04 07 05:45:16
Received: 2023 04 07 06:34:31
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities