LLMs can now reverse engineer obfuscated malware. But what happens when malware authors use LLMs to iteratively obfuscate back?
Elastic Security Labs explored the arms race between LLM-driven reverse engineering and LLM-driven obfuscation. Who wins when both sides have the same tools?
This is the question every malware analyst, detection engineer, and red or blue teamer needs to be thinking about right now.
https://t.co/QURyXMRDcP
Author: @elasticseclabs
#MalwareAnalysis #ReverseEngineering #InfoSec
Ever wanted to find hot single SOC analysts in your area? TrollStackSpoofing now has built in one-way messaging for all your operational needs.
(I'll stop now, Sorry)
Today was my last day working on @_CobaltStrike. I’m incredibly grateful for the opportunity to contribute to a framework and community that have meant so much to the security industry. Thank you to everyone I’ve had the chance to learn from, collaborate with, and build alongside
It seems like in the latest preview build(s) ETW functionality has been encapsulated in it's own DLL (ETW.dll) -e.g., ControlTrace/etc. are now exported by this DLL instead of sechost/ADVAPI32/etc. Seems to just be code re-org (for now) - but maybe the future will reveal more!