Ezuri: Regenerating a different kind of target. [Research Saturday]

CyberWire Daily

By CyberWire, Inc.

Ezuri: Regenerating a different kind of target. [Research Saturday]

Saturday, 3 April

Guests Fernando Martinez and Tom Hegel from AT&T Alien Labs join Dave to discuss their team's research "Malware using new Ezuri memory loader." Multiple threat actors have recently started using a Go language (Golang) tool to act as a packer and avoid Antivirus detection. Additionally, the Ezuri memory loader tool acts as a malware loader and executes its payload in memory, without writing the file to disk. While this technique is known and commonly used by Windows malware, it is less popular in Linux environments. The research can be found here: Malware using new Ezuri memory loader
-
-
Heart UK
Mute/Un-mute