one of the crucial first bulletins at BlackHat united states of america 2020 is an open-source device to combat malware that BlackBerry first used internally and is now making accessible to everybody.
image: iStockphoto/solarseven
At BlackHat united states of america 2020, BlackBerry announced on Monday that its open-source interior tool PE Tree is now purchasable for all security specialists to make use of for reverse engineering malware.
This tool permits reverse engineers to view portable Executable (PE) info in a tree view using pefile and PyQt5. This makes it less complicated to dump and reconstruct malware from reminiscence whereas proposing an open-supply PE viewer code-base. The tool integrates with Hex-Rays' IDA professional decompiler to permit for easy navigation of PE constructions, as well as dumping in-reminiscence PE data and performing import reconstruction.
SEE: Black Hat 2020: Cybersecurity tendencies, tools, and threats (free PDF) (TechRepublic)
PE Tree became developed in Python and supports the windows, Linux, and Mac operating programs. It will also be installed and run as a standalone utility or an IDAPython plugin, permitting users to check any executable windows file and spot what its composition is.
Eric Milam, vp of research operations for BlackBerry, said in an announcement, "As cybercriminals up their online game, the cybersecurity community needs new tools in their arsenal to shield and give protection to companies and people. now we have created this solution to support the cybersecurity group in this combat, the place there at the moment are greater than a thousand million items of malware with that quantity carrying on with to grow through upwards of one hundred million items each and every yr."
SEE: SSL certificate greatest Practices policy (TechRepublic premium)
Reverse engineers use a couple of equipment to deconstruct malware, together with disassemblers, debuggers, PE viewers, and community analyzers.
Later this week at Black Hat country 2020, Kevin Livelli, BlackBerry's director of threat intelligence, could be presenting on Decade of the RATs on August 5 at 11-eleven:40 am PT. BlackBerry will also be offering a backed webinar about its partnership with Intel to stop cryptojacking malware, and this session will drill down into BlackBerry Optics AI-based EDR know-how for Linux.
Cybersecurity Insider publicationreinforce your company's IT safety defenses by using maintaining abreast of the latest cybersecurity information, options, and most reliable practices. Delivered Tuesdays and Thursdays
register today
No comments:
Post a Comment