Software Testing Methodologies & Approaches to Fuzzing
In this article, I would like to introduce fuzz testing as part of a vast overview of software testing approaches used to discover bugs and vulnerabilities within applications, protocols, file formats and more.With an ever-increasing number of vulnerabilities discovered during the years, many organizations still spend little budget and effort to produce and ensure code quality and, even when they do extensive testing and assess their code, bugs are unavoidable.Code review and, in general, finding bugs is complex and require a lot of effort on both skilled humans and technology.Companies that are not willing to spend time and money into correcting bugs end up paying for it in corrective efforts after the application is released. The entire codebase is searched for suspect patterns and dangerous functions usage, which could indicate potential vulnerabilities.SCA is similar to SAST, however, its main goal is to identify all open-source components, libraries and dependencies in a codebase and to map that inventory to a list of current known vulnerabilities.In DAST the source code is compiled, executed and then scanned at runtime in search of security vulnerabilities. During the fuzzing process, random inputs are «sent» to the software under test, while its behaviour is monitored, until a crash is triggered. The input which caused the crash is then recorded and analysed to derive information that can be used to exploit the bug in the application.
Source — https://voidsec.com/software-testing-methodologies-approaches-to-fuzzing/
Certified Malware Analyst — Exploit Development, Expert Malware Analysis & Reverse Engineering
Certified Malware Analyst: In 2020, sophisticated Cyber attacks keep on increasing by APT threats that target most of the enterprise-level networks and individuals. Preventing Enterprise networks from advanced level threats is challenging tasks for malware analysts and threat researchers to break down the complete malware samples.There is a huge skill gap to approach, analysis and break down the advanced malware attacks from APT hackers around the globe. Analyzing sophisticated malware is always a complex process. Ethical Hackers academy spend plenty of time developing this course to easily understand the infection of sophisticated Malware such as Trojan, viruses, rootkits, ransomware, spyware, adware, and most recently malware families from APT hackers group and break down its infection vectors. The reverse Engineering phase will cover complete reversing operation against Windows, Linux, macOS, and Android-based apps. also, you will learn about the complete insight of figure out the vulnerabilities that resides in the Applications and Operating system.The Advanced Malware analysis Phase will train you to develop simple and effective Exploitation tools and exploring the vulnerabilities and the module of the exploitation that triggers the bug and bypass the target applications.
Source — https://gbhackers.com/certified-malware-analyst/
Report to Your Management with the Definitive ‘Incident Response for Management’ Presentation Template
Security incidents occur. ‘ There are security products and procedures that were implemented to optimize the IR process, so from the ‘security-professional’ angle, things are taken care of. However, many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process with their management a much more challenging task. Cynet addresses this gap with the IR Reporting for Management PPT template, providing CISOs and CIOs with a clear and intuitive tool to report both the ongoing IR process and its conclusion.
Mapping a high-level description of the attack route to resulted damage is paramount to get the management’s understanding and involvement, especially if the IR process entails additional spending.
Lessons Learned
Communication to management is not a nice-to-have but a critical part of the IR process itself. The definitive IR Reporting to Management PPT template enables all who work hard to conduct professional and efficient IR processes in their organizations to make their efforts and results crystal clear to their management.
Source — https://thehackernews.com/2019/10/cybersecurity-incident-response.html
Hackers Using Microsoft Build Engine to Deliver Malware Filelessly
The actively ongoing campaign is said to have emerged last month, researchers from cybersecurity firm Anomali said on Thursday, adding the malicious build files came embedded with encoded executables and shellcode that deploy backdoors, allowing the adversaries to take control of the victims’ machines and steal sensitive information. MSBuild is an open-source build tool for . In using MSBuild to filelessly compromise a machine, the idea is to stay under the radar and thwart detection, as such malware makes use of a legitimate application to load the attack code into memory, thereby leaving no traces of infection on the system and giving attackers a high level of stealth. As of writing, only two security vendors flag one of the MSBuild .
Proj files as malicious, while a second sample uploaded to VirusTotal on April 18 remains undetected by every anti-malware engine. The majority of the samples analyzed by Anomali were found to deliver the Remcos RAT, with a few others also delivering the Quasar RAT and RedLine Stealer. «This campaign highlights that reliance on antivirus software alone is insufficient for cyber defense, and the use of legitimate code to hide malware from antivirus technology is effective and growing exponentially».
Source — https://thehackernews.com/2021/05/hackers-using-microsoft-build-engine-to.html
Stay Focused. Stay Vigilant.
Cyber Threat Incident Management Team — Cyber Security Community @ SLIIT
