[SANS ISC] Sandbox Evasion Using NTP

I published the following diary on isc.sans.edu: “Sandbox Evasion Using NTP”:

I’m still hunting for interesting (read: “malicious”) Python samples. By reading my previous diaries, you know that I like to find how attackers implement obfuscation and evasion techniques. Like yesterday, I found a Python sample that creates a thread to run malicious shellcode[1]. But before processing the shellcode, it performs suspicious network traffic…

The post [SANS ISC] Sandbox Evasion Using NTP appeared first on /dev/random.

Article Link: https://blog.rootshell.be/2020/09/03/sans-isc-sandbox-evasion-using-ntp/