Tag: malware sandbox

2024-07-19

There are scenarios in which opting for the best possible solution is non-negotiable. Think of medical surgery, aerospace safety, military operations, or pharmaceutical development. The reason? While the probability of a catastrophe may seem low, its impact is extraordinarily high. In cybersecurity, breaches are no longer a low-probability event, and

2024-04-26

Malware authors are continuously evolving their tactics to evade detection by security tools, and sandbox evasion techniques are a critical component of this cat-and-mouse game. In this comprehensive article, we’ll delve into the intricate details of the three primary categories of sandbox evasion techniques employed by modern malware, shedding light

2019-08-01
This content covered in the blog is based on my Objective By the Sea talk “Hypervisor-Based Analysis of macOS Malware”. You can access the slides from my presentation here. A Growing Threat and a Dearth of Tools Compared to Windows, macOS accounts for only a small percentage of all malware,
[Editor’s Note: This post was updated on May 19th, 2020] In the daily war against malware authors, incident response teams (CIRTs) need a comprehensive yet versatile sandbox as part of their automated malware analysis process. This provides the performance, scalability, and accuracy needed to handle the onslaught of malware-related threats.
According to Microsoft’s 2016 Threat Intelligence Report, 98% of Office-targeted threats use macros. So, shouldn’t we just focus our efforts on detecting threats that leverage macros? Of course not. Attackers will constantly innovate. Finding ways to bypass existing security solutions and making malware easy to execute are top of mind

In the era of Big Data scalability is always a key concern. Simply throwing hardware at the problem isn’t enough. If the software architecture can’t fully take advantage of the available bandwidth and compute power, bottlenecks remain. One of VMRay Analyzer’s main advantages is our agentless hypervisor-based approach, allowing substantially

The automated creation and deployment of fully custom VMs (Virtual Machines) as analyses targets may seem like an arcane topic, but it’s crucially important to successful threat analysis, particularly for targeted attacks. There are several reasons: Targeted attacks using custom(ized) malware often will check for specific attributes on the target

Malware that evades detection is nothing new. But in a constantly evolving threat landscape, particularly around targeted attacks, we now see more Environment-Sensitive Malware. This is alternately known as context-aware or environment-aware malware. Not a low carbon footprint variety, but rather malware that is tailored to run only under certain

Uncover the truth of Cybersecurity, one story at a time

Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!

Subscribe to our Newsletter