NSA Releases Open Source Software Reverse Engineering Tool called Ghidra

Research Directorate of National Security Agency (NSA) has released an Open Source Software Reverse Engineering tool called Ghidra. This software is very useful for a software developer and security researcher to analyze the source code of various programs. Especially this software can be helpful to find the malicious code inside a malware and can be used to gather information on how malware is functioning. This software has a lot of features, some of the most important features include the ability to disassembly, assembly, decompilation, graphing and scripting. It also supports plugin so one can develop their own plug-in using Java or Python.

Currently, it is available for Windows, Mac OS & Linux and it only supports 64bit version of OS. Ghidra doesn't use traditional installation file to install the program, it comes with a compressed file and it can be extracted on any file directory to run the program.

Ghidra requires Java Runtime and Development Kit on the path to run the application and NSA recommends using OpenJDK distribution from jdk.java.net for a most stable experience.

Here are the download link and other information for Ghidra
Official Website
Download Link
Ghidra Installation Guide
Frequently Asked Questions
Wiki
GitHub Repository

Why should we stop using SMS-based two-factor authentication?

Today, securing an application is challenging as attackers are becoming increasingly sophisticated. A proper authentication system plays a significant role in application security, as, without one, the app’s vulnerability could allow a malicious person to gain unauthorized access. Poorly configured authentication systems and human error are the most common reasons for data breaches. Therefore, to address this issue, the concept of two-factor authentication (2FA) or multifactor authentication is applied. In addition to user ID and password, 2FA requires users to input a temporary code unique to them to verify their identity. This creates an extra layer of security by adding one more element to the authentication process. If a user’s login credentials are compromised, malicious actors won’t be able to access the resources since they would need to have both the login credentials and the 2FA code. One of the most widely used methods of 2FA is an SMS-based code, where the user needs to en

Triton: A Malware That can Kill Human

When we think of malware we think of a program that is designed to harm a computer device, servers or network. But these days bad guys are creating malware targetting the critical infrastructure which can deliberately kill people. Malware that is targetting critical infrastructure and human damage is not new in the cyberspace as there were few other cases before like Stuxnet but nowadays such malware is increasing at an alarming rate. Recently one malware was detected by an experienced cyber responder Julian Gutmanis which could pose a serious threat to human life. The malware was found on the server of the petrochemical plant in Saudi Arabia in the summer of 2017. The initial vector of malware infection is still unknown but it could be the result of a phishing attack. Hacker managed to deploy their malicious program on the plant's safety instrumented system so that they could have full control of the safety system of the plant. Hackers were able to control the plant's system

Five Ways to Get Rid of Cryptojacking Malware

Cryptojacking is a growing threat in 2018 and there are several ways to prevent this threat. Few of the methods to prevent this emerging online threat are discussed below. Installing browsing extension Most of the crypto mining malware works from the web browser so we can stop that malware by installing a browser extension. There are few browser extensions like ublock origin & Malwarebytes that will help to block any cryptojacking scripts. If we have these extensions installed on the browser, they will automatically stop those scripts from running on the browser which will prevent the browser from running the mining code. Those extensions are available for free and they regularly update their signature. Since they will automatically filter the mining codes we don’t need to check them manually. Therefore, installing a proper extension will help to get rid of cryptojacking malware. Installing only trusted applications Another big source of crypto mining malware is untrusted ap

Amar Bhattarai

Search This Blog