Comparison of the ransomware used against Enel and Honda François did an internship with us between April and August. He worked on the development of a tool that extracts symbols from a program written in Go. Here is an article that presents an application of his work for ransomware analysis Read more…
Email protection with GLIMPS Malware In the last few weeks, following the covid-19 crisis and the generalization of teleworking, there has been a very strong resurgence of phishing attacks. Concerning Coronavirus, there is little we can do except stay quietly at home behind our PC screens. Computer attacks on the Read more…
Detection and characterization of an unknown malware thanks to GLIMPS Malware As for the Threat-Intel use case, we have taken back our mirai source code, this time with some modifications : In order to be detected with more difficulty, we have removed the most obvious strings, We did not use Read more…
Reverse-engineering with GLIMPS-Audit What could be more tedious, when starting the reverse engineering of a binary, whether for a vulnerability search or a malware scan for example, to have to start by finding the known code? In some firmwares, where there are no debug symbols and the OS is proprietary, Read more…
Threat-Intel with GLIMPS technology You’ve probably already heard of Mirai: it’s a well-known and widespread botnet, the sources of which are publicly available on GitHub. There are versions of it for many architectures, and multiple variants. This makes it a very good case study for GLIMPS: we can recompile it Read more…