#antimalware — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #antimalware, aggregated by home.social.
-
@MishaVelthuis: firstly, I am definitely not an AI expert.
W.r.t. source code analysis: in fact one does not need "source code" (e.g. higher-level languages) to be able to spot bugs. More or less like you wrote, in the end every computer program contains sequences of instructions for the targeted CPU (including calls to, possibly documented, operating system and other libraries).
Reverse engineers love decompilers because assembler code is a lot harder to interpret *by humans* than higher-level source code (it can be done, I did it approx. 30 - 40 years ago for various CPU architectures, but it is very time-consuming and error-prone).
Malware typically consists of (highly) obfuscated code to fool decompilers and emulators. I've not studied it, but probably the anti-malware industry is already using AI to help them analyse malware (and, feeding the rat race, quite likely malware makers are using AI to obfuscate their code).
Internet search terms such as "malware analysis llm" may possibly help you to find related articles.
Regardless, IMO not possessing the original source code should not pose a major hurdle for finding bugs in executable code.
#AI #ReverseEngineering #Malware #DeCompilers #IDA #DisAssemblers #Infosec #AntiMalware
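A concrete check for the "obfuscated code to fool decompilers" point in the post above, added here as an example and not part of the original post: packed or encrypted sections stand out statistically before any disassembly, because their bytes are close to uniformly distributed. The script below (my own code, with a constructed sample in place of a real binary) computes a windowed Shannon entropy profile and merges windows above a threshold into regions worth unpacking first. The 512-byte window and the 7.0 bits/byte threshold are assumptions to tune per file format.

```python
import hashlib
import math
from typing import List, Tuple


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte.

    0.0 for a run of one value, 8.0 when all 256 byte values are equally
    frequent. Packed/encrypted payloads sit near the top of that range."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def entropy_profile(data: bytes, window: int = 512) -> List[Tuple[int, float]]:
    """Entropy of each consecutive window as (offset, bits per byte)."""
    return [(off, shannon_entropy(data[off:off + window]))
            for off in range(0, len(data), window)]


def high_entropy_regions(data: bytes, window: int = 512,
                         threshold: float = 7.0) -> List[Tuple[int, int]]:
    """Merge adjacent windows at or above the threshold into (start, end)
    byte ranges. Threshold and window size are assumptions; compressed
    resources and embedded certificates also score high, so a hit marks a
    place to look, not a verdict."""
    regions: List[Tuple[int, int]] = []
    for off, h in entropy_profile(data, window):
        if h < threshold:
            continue
        end = min(off + window, len(data))
        if regions and regions[-1][1] == off:
            regions[-1] = (regions[-1][0], end)   # extend the previous region
        else:
            regions.append((off, end))
    return regions


# Constructed sample (not a real file): repetitive code-like text around a
# block of SHA-256 output standing in for a packed or encrypted payload.
CLEAN = (b"mov eax, ebx ; call strcpy ; ret\n" * 64)[:2048]
PACKED = b"".join(hashlib.sha256(b"constructed-sample-%d" % i).digest()
                  for i in range(64))
SAMPLE = CLEAN + PACKED + CLEAN


if __name__ == "__main__":
    for off, h in entropy_profile(SAMPLE):
        print(f"{off:6d}  {h:5.2f} bits/byte")
    print("regions to unpack first:", high_entropy_regions(SAMPLE))
```

To run it on a real sample, replace `SAMPLE` with the file's bytes; mapping the flagged offsets back to section headers tells you which section is packed.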
-
In 2025, the top 5 known exploited vulnerability (#KEV) vendors as of https://cyble.com/blog/cisa-kev-2025-exploited-vulnerabilities-growth/ were:
Microsoft (39)
#Apple (9)
#Cisco (8)
#Fortinet (8)
#Google #Chromium (7)
If you would like to minimize your #security risk here, avoiding those vendors could improve your overall exposure.
As you can see, this is particularly true for #Microsoft.
Mitigation using #AntiMalware or #EndPointProtection is not the answer, as we've learned in the previous year, where the "Most Frequently Exploited #Vulnerabilities" have been security products!
Source: https://services.google.com/fh/files/misc/m-trends-2025-en.pdf
If you have high requirements for #ITsecurity, you need to migrate your systems to #Linux, which is also part of KEV but on a *much* better level!
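How a per-vendor count like the one above is derived, as an added example (my own code, not Cyble's or CISA's tooling): CISA publishes the KEV catalog as JSON with one record per CVE carrying `vendorProject`, `product`, `dateAdded` and `knownRansomwareCampaignUse`. The script counts additions per vendor for one calendar year and also breaks the count down per product, since a vendor total is often a handful of product lines. The feed excerpt is constructed with placeholder IDs so the block runs offline; feed `load_entries` the real file from https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json to reproduce current numbers.

```python
import json
from collections import Counter
from datetime import date
from typing import Dict, List, Tuple

# Constructed excerpt in the shape of CISA's KEV JSON feed. Only the fields
# used below are present and the IDs are placeholders, not catalog entries.
KEV_SAMPLE = json.dumps({
    "title": "constructed KEV excerpt",
    "vulnerabilities": [
        {"cveID": "CVE-2025-SAMPLE-1", "vendorProject": "Microsoft", "product": "Windows",
         "dateAdded": "2025-01-14", "knownRansomwareCampaignUse": "Known"},
        {"cveID": "CVE-2025-SAMPLE-2", "vendorProject": "Microsoft", "product": "SharePoint",
         "dateAdded": "2025-07-20", "knownRansomwareCampaignUse": "Known"},
        {"cveID": "CVE-2025-SAMPLE-3", "vendorProject": "Microsoft", "product": "Windows",
         "dateAdded": "2025-03-11", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-SAMPLE-4", "vendorProject": "Apple", "product": "Multiple Products",
         "dateAdded": "2025-02-12", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-SAMPLE-5", "vendorProject": "Apple", "product": "Safari",
         "dateAdded": "2025-04-29", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-SAMPLE-6", "vendorProject": "Cisco", "product": "IOS XE",
         "dateAdded": "2025-05-05", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-SAMPLE-7", "vendorProject": "Google", "product": "Chromium V8",
         "dateAdded": "2025-06-03", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-SAMPLE-8", "vendorProject": "Microsoft", "product": "Windows",
         "dateAdded": "2024-12-10", "knownRansomwareCampaignUse": "Known"},
    ],
})


def load_entries(raw_json: str) -> List[Dict]:
    """Return the per-CVE records from a KEV feed document."""
    return json.loads(raw_json)["vulnerabilities"]


def added_in_year(entries: List[Dict], year: int) -> List[Dict]:
    """Records whose dateAdded (ISO date) falls in the given calendar year."""
    return [e for e in entries if date.fromisoformat(e["dateAdded"]).year == year]


def top_vendors(entries: List[Dict], year: int, n: int = 5) -> List[Tuple[str, int]]:
    """KEV additions per vendorProject for one year, largest first."""
    return Counter(e["vendorProject"] for e in added_in_year(entries, year)).most_common(n)


def top_products(entries: List[Dict], year: int, n: int = 5) -> List[Tuple[Tuple[str, str], int]]:
    """Same count keyed by (vendor, product), which is what patch priorities act on."""
    return Counter((e["vendorProject"], e["product"])
                   for e in added_in_year(entries, year)).most_common(n)


def ransomware_share(entries: List[Dict], year: int) -> float:
    """Fraction of the year's additions CISA marks as used in known ransomware campaigns."""
    year_entries = added_in_year(entries, year)
    if not year_entries:
        return 0.0
    known = sum(1 for e in year_entries if e.get("knownRansomwareCampaignUse") == "Known")
    return known / len(year_entries)


if __name__ == "__main__":
    entries = load_entries(KEV_SAMPLE)
    print("2025 additions by vendor :", top_vendors(entries, 2025))
    print("2025 additions by product:", top_products(entries, 2025))
    print(f"2025 ransomware-linked   : {ransomware_share(entries, 2025):.0%}")
```

The number is a count of catalog additions, not of exposure: it rises with install base and with how much attacker and researcher attention a product draws, and it says nothing about how a given fleet is configured. The product breakdown and the ransomware flag are usually the more actionable outputs for patch prioritisation.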
-
CW: Kaspersky
While I don't trust Kaspersky due to Russia, them doing antimalware for Linux is a good sign that maybe other software will start popping up again so there's more options than ClamAV and Bitdefender GravityZone for "servers" (they consider all Linux installs servers last I checked).
-
Office sandbox file security to disappear from enterprise Windows by late 2027, Microsoft confirms https://www.csoonline.com/article/4085172/office-sandbox-file-security-to-disappear-from-enterprise-windows-by-late-2027-microsoft-confirms-2.html #SecuritySoftware #AntiMalware #Compliance #Security
-
EDR-Redir V2 can redirect entire folders like "Program Files" to point back to themselves, except for the folders of #antimalware EDR. This means that other software continues to function normally, while only the EDR is redirected or blocked. It can work with many EDRs: Elastic, Sophos, ESET, CrowdStrike,...
#itsecurity #redteam
-
EDR-Redir can successfully run with ESET. I will soon upgrade it to V2 with the ability to "redir" more types of EDRs. 💪
GitHub: TwoSevenOneT/EDR-Redir
#antimalware #CyberSecurity #malware
-
"Tap and Steal" attack: new Android malware uses NFC to steal payment card data
🔗 https://tugatech.com.pt/t73687-ataque-tap-and-steal-novo-malware-para-android-usa-nfc-para-roubar-dados-de-cartoes-de-pagamento
#android #antimalware #ataque #contactless #digital #fraude #google #malware #nfc #segurança #sem #servidores #tecnologia #telegram
-
Hugging Face and Google's VirusTotal join forces to fight malware in AI models
🔗 https://tugatech.com.pt/t73318-hugging-face-e-virustotal-da-google-unem-se-para-combater-malware-em-modelos-de-ia
#antimalware #blog #digital #google #ia #IPS #llms #malware #online #riscos #segurança #tecnologia
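Why model hubs scan uploaded files at all, as an added example (my own code, not Hugging Face's or VirusTotal's scanner): the common checkpoint formats that wrap Python pickle (PyTorch .pt/.pth, joblib dumps) make the loader call whatever importable callable the stream names, so a "model" can carry a loader-side payload with no weights involved. The scanner below walks the opcode stream with `pickletools.genops` without unpickling anything, lists every module/name a GLOBAL or STACK_GLOBAL would import, flags known-dangerous ones and, more usefully, anything outside an allowlist of modules a checkpoint legitimately needs. The malicious sample is constructed inside the block; the allowlist is an assumption to adapt to your framework.

```python
import io
import pickle
import pickletools
from typing import Dict, List, Tuple

# Imports that have no business in a checkpoint; any of them in the stream
# means loading the file runs code. os.system pickles under the module that
# actually defines it ("posix" on Unix, "nt" on Windows).
DANGEROUS_GLOBALS = {
    ("os", "system"), ("posix", "system"), ("nt", "system"),
    ("os", "popen"), ("posix", "popen"),
    ("subprocess", "Popen"), ("subprocess", "run"), ("subprocess", "call"),
    ("builtins", "eval"), ("builtins", "exec"), ("builtins", "__import__"),
    ("socket", "socket"), ("socket", "create_connection"),
}
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def referenced_globals(data: bytes) -> List[Tuple[str, str]]:
    """Static walk of the opcode stream: every (module, name) that a GLOBAL
    (protocol <= 3) or STACK_GLOBAL (protocol >= 4) would import. Nothing is
    unpickled. A small memo model resolves module names the pickler reused
    through BINGET instead of re-emitting the string."""
    found: List[Tuple[str, str]] = []
    strings: List[str] = []        # string constants pushed so far
    memo: Dict[int, str] = {}      # memo slot -> string constant
    memoize_idx = 0
    top_is_str = False
    for op, arg, _pos in pickletools.genops(io.BytesIO(data)):
        name = op.name
        if name in STRING_OPS:
            strings.append(arg)
            top_is_str = True
        elif name == "GLOBAL":                 # arg is "module name"
            mod, attr = arg.split(" ", 1)
            found.append((mod, attr))
            top_is_str = False
        elif name == "STACK_GLOBAL":           # pops name, then module
            attr = strings.pop() if strings else "?"
            mod = strings.pop() if strings else "?"
            found.append((mod, attr))
            top_is_str = False
        elif name == "MEMOIZE":
            if top_is_str:
                memo[memoize_idx] = strings[-1]
            memoize_idx += 1
        elif name in ("PUT", "BINPUT", "LONG_BINPUT"):
            if top_is_str:
                memo[arg] = strings[-1]
        elif name in ("GET", "BINGET", "LONG_BINGET"):
            top_is_str = arg in memo
            if top_is_str:
                strings.append(memo[arg])
        else:
            top_is_str = False
    return found


def dangerous_calls(data: bytes) -> List[Tuple[str, str]]:
    """Denylist view: referenced globals that are known code-execution sinks."""
    return [g for g in referenced_globals(data) if g in DANGEROUS_GLOBALS]


def unexpected_globals(data: bytes,
                       allowed_modules=("torch", "numpy", "collections")) -> List[Tuple[str, str]]:
    """Allowlist view: anything imported from outside the modules a checkpoint
    for your framework legitimately needs (the default list is an assumption)."""
    return [(m, n) for m, n in referenced_globals(data)
            if not any(m == a or m.startswith(a + ".") for a in allowed_modules)]


class _Dropper:
    """Constructed stand-in for a booby-trapped checkpoint object: __reduce__
    tells the unpickler to call os.system when the file is loaded."""
    def __reduce__(self):
        import os
        return (os.system, ("echo constructed payload",))


MALICIOUS_P4 = pickle.dumps(_Dropper(), protocol=4)   # STACK_GLOBAL form
MALICIOUS_P2 = pickle.dumps(_Dropper(), protocol=2)   # GLOBAL form
BENIGN = pickle.dumps({"layers": 3, "weights": [0.1, 0.2, 0.3]}, protocol=4)


if __name__ == "__main__":
    for label, blob in (("malicious p4", MALICIOUS_P4), ("malicious p2", MALICIOUS_P2), ("benign", BENIGN)):
        print(label, "imports:", referenced_globals(blob),
              "dangerous:", dangerous_calls(blob), "unexpected:", unexpected_globals(blob))
```

The denylist will always lag new tricks; the allowlist check is the one to gate uploads on. On the consuming side, `torch.load(..., weights_only=True)` or a safetensors file removes this problem class entirely.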
-
The battle for attention: how Russian and foreign infosec media divide the audience in the era of cyber threats
Specialized media in the field of information security have found themselves at the center of serious industry changes. Cyber threats are becoming more complex, partly because of artificial intelligence, and the topic is becoming ever more relevant. However, the media market itself is developing unevenly. Patterns of information consumption are changing, the audience is consolidating, and competition between publications is intensifying. Against this background, specialized infosec resources have turned from narrowly specialized platforms into important sources of information for a broad audience, from security directors to ordinary users. To understand how attention is distributed in this market, we compared the key metrics of Russian and Western publications. The analysis is based on SimilarWeb data (September 2025), the Medialogia citation rating and the IKS index from Yandex.
https://habr.com/ru/articles/957454/
#сми #сми_в_интернете #securitylab #xakepru #antimalware #информационная_безопасность #рейтинг_сми
-
XWorm is back: the dangerous malware has been updated and now includes ransomware
🔗 https://tugatech.com.pt/t72362-xworm-esta-de-volta-o-perigoso-malware-foi-atualizado-e-agora-inclui-ransomware
#antimalware #ataque #criptomoeda #criptomoedas #ddos #detetado #Discord #edr #engenhariasocial #ftp #javascript #malware #microsoft #phishing #plugins #ransomware #servidores #trojan #web
-
AMD releases a complete guide to fixing the annoying Error 1603 during driver installation
🔗 https://tugatech.com.pt/t71817-amd-lanca-guia-completo-para-resolver-o-irritante-erro-1603-na-instalacao-de-drivers
#AMD #antimalware #chipset #ia #microsoft #online #software #windows
-
At my workplace, #Microsoft #Defender 365 aka the #antimalware from hell, has decided that https://duckdb.org is a malicious link.
Every time someone tries to post it on Teams, it is blocked.
I suggested that maybe we can trigger an integer overflow in the system after many alerts...
-
Monthly reminder that #Windows11 fucking sucks ass.
Trying to troubleshoot why a piece of software didn't start, and Windows Defender false-positived a DLL that now can't be restored.
Great start for a Monday.
#Windows #Microsoft #Troubleshooting #WindowsDefender #Malware #AntiMalware #AntiVirus #AV
-