A valuable presentation by Pär Österberg Medina about dumping and analyzing memory for detecting rootkits, found via Binni Shah's Twitter feed.
Covered topics:
- What is a rootkit?
- Dumping the memory
- How to analyze a memory dump?
- Different rootkit techniques and how we detect them
The presentation: https://www.terena.org/activities/tf-csirt/meeting27/oesterberg-rootkits.pdf
Malware authors pack their software to resist reverse engineering and to keep their operations running longer before detection. However, many features of packing are easy to identify automatically during static or dynamic analysis: unusually high section entropy, well-known packer section names, sections that are empty on disk but large in memory, writable-and-executable sections, and a tiny import table that only resolves LoadLibrary and GetProcAddress.
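As an added example (not code from the original post), the Python below turns those static indicators into a small packer heuristic: per-section Shannon entropy, known packer section names, a section with zero raw size but a large virtual size, writable-and-executable sections, and a minimal import table. The section records, thresholds, packer name list and the two sample binaries are constructed for illustration rather than parsed from a real file; in practice the records would come from a PE parser such as pefile.

```python
"""Static packer heuristics over a constructed PE-like section list (added example)."""
import hashlib
import math
from collections import Counter
from typing import Dict, List, Tuple

# Thresholds and the name list are assumptions drawn from common analyst practice.
ENTROPY_THRESHOLD = 7.0  # bits per byte; compressed or encrypted data approaches 8.0
PACKER_SECTION_NAMES = {
    "UPX0", "UPX1", "UPX2", ".aspack", ".adata", ".petite",
    ".MPRESS1", ".MPRESS2", ".themida", ".vmp0", ".vmp1",
}
LOADER_IMPORTS = {"LoadLibraryA", "GetProcAddress"}


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for empty input, 8.0 for uniformly distributed bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def section_indicators(section: Dict) -> List[str]:
    """Packing indicators visible in one section header plus its raw bytes."""
    hits = []
    name = section["name"]
    if name in PACKER_SECTION_NAMES:
        hits.append(f"{name}: known packer section name")
    ent = shannon_entropy(section["data"])
    if ent >= ENTROPY_THRESHOLD:
        hits.append(f"{name}: entropy {ent:.2f} >= {ENTROPY_THRESHOLD}")
    if section["raw_size"] == 0 and section["virtual_size"] > 0:
        hits.append(f"{name}: no data on disk but {section['virtual_size']} bytes in memory (unpack target)")
    if section["writable"] and section["executable"]:
        hits.append(f"{name}: writable and executable")
    return hits


def import_indicators(imports: List[str]) -> List[str]:
    """A packer stub usually imports only what it needs to rebuild the real import table at run time."""
    if len(imports) <= 3 and LOADER_IMPORTS.issubset(imports):
        return [f"tiny import table ({len(imports)} entries) built around LoadLibrary/GetProcAddress"]
    return []


def is_probably_packed(sections: List[Dict], imports: List[str]) -> Tuple[bool, List[str]]:
    """Flag a binary when a packer section name is present or at least two independent indicators agree."""
    hits = import_indicators(imports)
    for s in sections:
        hits.extend(section_indicators(s))
    named = any(s["name"] in PACKER_SECTION_NAMES for s in sections)
    return (named or len(hits) >= 2), hits


def pseudo_random_bytes(n: int, seed: bytes = b"packed") -> bytes:
    """Deterministic high-entropy filler standing in for compressed code (constructed data)."""
    out, block = bytearray(), seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out.extend(block)
    return bytes(out[:n])


def make_section(name, data, virtual_size=None, writable=False, executable=False) -> Dict:
    """Build a section record of the shape a PE parser would hand back (constructed, not parsed)."""
    return {"name": name, "data": data, "raw_size": len(data),
            "virtual_size": len(data) if virtual_size is None else virtual_size,
            "writable": writable, "executable": executable}


# Constructed samples: a UPX-style layout next to an ordinary compiler layout.
PACKED_SECTIONS = [
    make_section("UPX0", b"", virtual_size=0x20000, writable=True, executable=True),
    make_section("UPX1", pseudo_random_bytes(4096), writable=True, executable=True),
    make_section(".rsrc", b"\x00" * 512),
]
PACKED_IMPORTS = ["LoadLibraryA", "GetProcAddress", "ExitProcess"]

UNPACKED_SECTIONS = [
    make_section(".text", b"\x55\x8b\xec\x83\xec\x10" * 300, executable=True),
    make_section(".data", b"Hello, world! " * 200, writable=True),
]
UNPACKED_IMPORTS = ["CreateFileW", "ReadFile", "WriteFile", "CloseHandle", "MessageBoxW"]

if __name__ == "__main__":
    for label, secs, imps in (("packed", PACKED_SECTIONS, PACKED_IMPORTS),
                              ("unpacked", UNPACKED_SECTIONS, UNPACKED_IMPORTS)):
        verdict, hits = is_probably_packed(secs, imps)
        print(f"{label}: packed={verdict}")
        for h in hits:
            print("  -", h)
```

The two-indicator rule is deliberate: a single high-entropy section is also what a legitimate binary with an embedded compressed resource looks like, so entropy alone produces false positives, while a zero-raw-size executable section or a three-entry import table on top of it is hard to explain any other way. Dynamic analysis catches the remainder by watching for the stub writing to, then executing from, a region it allocated itself.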
Lander Brandt has discovered a denial of service vulnerability in ImageIO, a library of utilities for parsing various image formats.
Which apps are affected? ImageIO is used in many OS X and iOS applications, including:
- Tweetbot
- Safari
- Messages
- Mail
- Preview
Some popular applications that do not use ImageIO include:
- Chrome
- Firefox
…
Anyone who works in cybersecurity should read Practical Malware Analysis.