SEI Blog | Malware

SEI Blog | Malwarehttp://www.sei.cmu.edu/feeds/tag/Updates on changes and additions to the SEI Blog for posts matching Malwareen-usMon, 19 Sep 2022 00:00:00 -0400Using Alternate Data Streams in the Collection and Exfiltration of Datahttps://www.sei.cmu.edu/blog/using-alternate-data-streams-in-the-collection-and-exfiltration-of-data/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn this blog post, we describe how attackers obscure their activity via alternate data streams (ADSs) and how to defend against malware attacks that employ ADSs.Dustin Updyke, Molly JaconskiMon, 19 Sep 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/using-alternate-data-streams-in-the-collection-and-exfiltration-of-data/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesVulnerability AnalysisVulnerability DiscoveryVulnerability MitigationMalware AnalysisMalwareVulnerabilities: Everybody’s Got One!https://www.sei.cmu.edu/blog/vulnerabilities-everybodys-got-one/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn this post, Leigh Metcalf describes how she pulled data from the malvuln project to explore recent vulnerabilities in both malware and non-malware to study the differences.Leigh MetcalfWed, 16 Jun 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/vulnerabilities-everybodys-got-one/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCERT/CC VulnerabilitiesVulnerability AnalysisMalware AnalysisMalwareBusiness Email Compromise: Operation Wire Wire and New Attack Vectorshttps://www.sei.cmu.edu/blog/business-email-compromise-operation-wire-wire-and-new-attack-vectors/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn June 2018, Federal authorities announced a significant coordinated effort to disrupt business email compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals....Anne ConnellMon, 08 Apr 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/business-email-compromise-operation-wire-wire-and-new-attack-vectors/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalwareCyber MissionsBest Practices in Network SecuritySocial EngineeringPath Finding in Malicious Binaries: First in a Serieshttps://www.sei.cmu.edu/blog/path-finding-in-malicious-binaries-first-in-a-series/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn a previous post, I discussed the Pharos Binary Analysis Framework and tools to support reverse engineering of binaries with a focus on malicious code analysis. Recall that Pharos is....Jeff GennariMon, 10 Dec 2018 00:00:00 -0500https://www.sei.cmu.edu/blog/path-finding-in-malicious-binaries-first-in-a-series/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesReverse Engineering for Malware AnalysisMalware AnalysisCyber MissionsMalwareSecurity Begins at the Home Routerhttps://www.sei.cmu.edu/blog/security-begins-at-the-home-router/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn recent days, the VPNFilter malware has attracted attention, much of it in the wake of a May 25 public service announcement from the FBI, as well as a number of announcements from vendors and security companies....Vijay SarvepalliMon, 30 Jul 2018 00:00:00 -0400https://www.sei.cmu.edu/blog/security-begins-at-the-home-router/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCyber MissionsMalwareBig-Data Malware: Preparation and Messaginghttps://www.sei.cmu.edu/blog/big-data-malware-preparation-and-messaging/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesPart one of this series of blog posts on the collection and analysis of malware and storage of malware-related data in enterprise systems reviewed practices for collecting malware, storing it, and storing data about it....Brent FryeMon, 18 Jun 2018 00:00:00 -0400https://www.sei.cmu.edu/blog/big-data-malware-preparation-and-messaging/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCyber MissionsMalwareData Modeling and AnalyticsBig-Data Malware: Collection and Storagehttps://www.sei.cmu.edu/blog/big-data-malware-collection-and-storage/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe growth of big data has affected many fields, including malware analysis. Increased computational power and storage capacities have made it possible for big-data processing systems to handle the increased volume of data being collected....Brent FryeMon, 04 Jun 2018 00:00:00 -0400https://www.sei.cmu.edu/blog/big-data-malware-collection-and-storage/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCyber MissionsMalwareData Modeling and AnalyticsData Science, Blacklists, and Mixed-Critical Software: The Latest Research from the SEIhttps://www.sei.cmu.edu/blog/data-science-blacklists-and-mixed-critical-software-the-latest-research-from-the-sei/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDiscover recently released SEI publications in early lifecycle cost estimation, host protection strategies, AADL, and more in this SEI Blog post.Douglas SchmidtMon, 05 Sep 2016 00:00:00 -0400https://www.sei.cmu.edu/blog/data-science-blacklists-and-mixed-critical-software-the-latest-research-from-the-sei/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalwareSoftware ArchitectureArchitecture Analysis and Design Language (AADL)Threat Analysis Mapping, Connected Vehicles, Emerging Technologies, and Cyber-Foraging: The Latest Research from the SEIhttps://www.sei.cmu.edu/blog/threat-analysis-mapping-connected-vehicles-emerging-technologies-and-cyber-foraging-the-latest-research-from-the-sei/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesRecently published SEI reports highlight the latest work of SEI technologists in estimating program costs early in the development lifecycle, threat analysis mapping, risks and vulnerabilities in connected vehicles, emerging technologies, and cyber-foraging.Douglas SchmidtMon, 02 May 2016 00:00:00 -0400https://www.sei.cmu.edu/blog/threat-analysis-mapping-connected-vehicles-emerging-technologies-and-cyber-foraging-the-latest-research-from-the-sei/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalwareStatic Identification of Program Behavior using Sequences of API Callshttps://www.sei.cmu.edu/blog/static-identification-of-program-behavior-using-sequences-of-api-calls/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLearn how to statically characterize program behavior using API calls and how the SEI automated this reasoning with the malware analysis tool ApiAnalyzer.Jeff GennariMon, 11 Apr 2016 00:00:00 -0400https://www.sei.cmu.edu/blog/static-identification-of-program-behavior-using-sequences-of-api-calls/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalwareThe SEI Technical Strategic Planhttps://www.sei.cmu.edu/blog/the-sei-technical-strategic-plan/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post examines research undertaken by the SEI addressing key cybersecurity, software engineering, and related acquisition issues faced by DoD.Kevin FallMon, 24 Aug 2015 00:00:00 -0400https://www.sei.cmu.edu/blog/the-sei-technical-strategic-plan/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesBig DataMalwareThe Pharos Framework: Binary Static Analysis of Object Oriented Codehttps://www.sei.cmu.edu/blog/the-pharos-framework-binary-static-analysis-of-object-oriented-code/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post discusses tools developed by the SEI's CERT Division to support reverse engineering and malware analysis tasks on C++ programs.Jeff GennariTue, 18 Aug 2015 00:00:00 -0400https://www.sei.cmu.edu/blog/the-pharos-framework-binary-static-analysis-of-object-oriented-code/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalwareTesting, Agile Metrics, Fuzzy Hashing, Android, and Big Data: The SEI Blog Mid-Year Review (Top 10 Posts)https://www.sei.cmu.edu/blog/testing-agile-metrics-fuzzy-hashing-android-and-big-data-the-sei-blog-mid-year-review-top-10-posts/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAs we reach the mid-year point, this blog posting highlights our 10 most popular posts, and links to additional related resources you might find of interestDouglas SchmidtMon, 13 Jul 2015 00:00:00 -0400https://www.sei.cmu.edu/blog/testing-agile-metrics-fuzzy-hashing-android-and-big-data-the-sei-blog-mid-year-review-top-10-posts/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesHigh-Performance ComputingMalwareTestingAgileThe 2014 Year in Review: Top 10 Blog Postshttps://www.sei.cmu.edu/blog/the-2014-year-in-review-top-10-blog-posts/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDiscover the top 10 SEI Blog posts of 2014, and dive deeper into each area of research.Douglas SchmidtMon, 22 Dec 2014 00:00:00 -0500https://www.sei.cmu.edu/blog/the-2014-year-in-review-top-10-blog-posts/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDevopsAndroidSecure CodingMalwareAgileBig DataThe Latest Research from the SEI - July 2014https://www.sei.cmu.edu/blog/latest-research-sei2/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDiscover the SEI's latest research on secure coding, the CERT Resilience Management Model, malicious-code reverse engineering, and incident management.Douglas SchmidtMon, 07 Jul 2014 00:00:00 -0400https://www.sei.cmu.edu/blog/latest-research-sei2/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalwareResilience Management Model (RMM)Secure CodingSystems EngineeringA New Approach to Prioritizing Malware Analysishttps://www.sei.cmu.edu/blog/a-new-approach-to-prioritizing-malware-analysis/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog presents SEI and CMU's research demonstrating a 98% accurate approach for distinguishing between malicious and benign binary files.José MoralesMon, 21 Apr 2014 00:00:00 -0400https://www.sei.cmu.edu/blog/a-new-approach-to-prioritizing-malware-analysis/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalwareProvenance Inference in Softwarehttps://www.sei.cmu.edu/blog/provenance-inference-in-software/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesExplore research on source code evolution and creation of models that recover relationships between codes when provenance is unknown in this SEI Blog.William CaseyMon, 03 Feb 2014 00:00:00 -0500https://www.sei.cmu.edu/blog/provenance-inference-in-software/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalware2013: The Research Year in Reviewhttps://www.sei.cmu.edu/blog/2013-the-research-year-in-review/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDiscover highlights of the SEI’s R&D accomplishments in 2013.Douglas SchmidtMon, 23 Dec 2013 00:00:00 -0500https://www.sei.cmu.edu/blog/2013-the-research-year-in-review/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesInsider ThreatMalwareAgileSoftware ArchitectureArchitecture Analysis and Design Language (AADL)Prioritizing Malware Analysishttps://www.sei.cmu.edu/blog/prioritizing-malware-analysis/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn early 2012, a backdoor Trojan malware named Flame was discovered in the wild. When fully deployed, Flame proved very hard for malware researchers to analyze....José MoralesMon, 04 Nov 2013 00:00:00 -0500https://www.sei.cmu.edu/blog/prioritizing-malware-analysis/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesVulnerability AnalysisSecurity VulnerabilitiesMalware AnalysisMalwareCERT/CCDeterrence for Malware: Towards a Deception-Free Internethttps://www.sei.cmu.edu/blog/deterrence-for-malware-towards-a-deception-free-internet/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post highlights research on identifying malicious patterns, building incentives-based measurement systems, and improving software resilience to attacks.William CaseyMon, 23 Sep 2013 00:00:00 -0400https://www.sei.cmu.edu/blog/deterrence-for-malware-towards-a-deception-free-internet/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMalware