Security Boulevard

Centurion: Bring Your Own Execution Environment

Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one ...
WeLiveSecurity

Under the hood of Wslink’s multilayered virtual machine

ESET researchers recently described Wslink, a unique and previously undocumented malicious loader that runs as a server and that features a virtual-machine-based obfuscator. There are no code, ...
Dark Reading

Attacks on Bytecode Interpreters Conceal Malicious Injection Activity

Attackers can hide their attempts to execute malicious code by inserting commands into the machine code stored in memory by the software interpreters used by many programming languages, such as ...