Aggregator

parselmouth —— 自动化的 Python 沙箱逃逸 payload bypass 框架

Update May 14, 2024 Today, VMware has released the following new security advisory: VMSA-2024-0010 – VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2024-22267, CVE-2024-22268, CVE-2024-22269, CVE-2024-22270) The advisory documents the remediation of the Critical and Important severity vulnerabilities demonstrated at the Pwn2Own 2024 hacking contest. Customers should review the security advisory and direct … Continued

The post VMware by Broadcom and Pwn2Own Vancouver 2024 appeared first on VMware Security Blog.

Welcome to episode 11 of the Blue Team Diaries! In this episode, our host Peter Manev engages in a conversation with Dr. Josh Stroschein, Reverse Engineer @ FLARE with Google, as they delve into the world of malware analysis.

In this episode, you’ll learn:

• Essential environments: Explore popular options like Remnix and Flare VM to set up your secure analysis workspace.
• Powerful tools: Discover functionalities of Olefile, oledump, and Cyber Chef used to dissect and decode suspicious files.
• Valuable resources: Gain access to helpful materials like Josh’s GitHub repository and curated malware sample libraries.

The world of malware analysis can be daunting, but with the right guidance and tools, you can start chipping away at the mystery behind malicious files. Listen to this episode, because Dr. Josh Stroschein will equip you with the foundational knowledge to become a threat-hunting hero.

About Josh Stroschein

Josh is an experienced malware analyst and reverse engineer and has a passion for sharing his knowledge with others. He is a reverse engineer at Google (Chronicle), where he focuses on tackling the latest threats. Josh is an accomplished trainer, providing training at places such as Ring Zero, BlackHat, Defcon, Toorcon, Hack-In-The-Box, Suricon, and other public and private venues. Josh is also an author on Pluralsight, where he publishes content around malware analysis, reverse engineering, and other security related topics.

Where to find Josh Stroschein?

• The Cyber Yeti - https://www.thecyberyeti.com
• LinkedIn - https://www.linkedin.com/in/joshstroschein