Select Page
Answering the Call for Heightened Vigilance in the Face of Unknown Threats

Answering the Call for Heightened Vigilance in the Face of Unknown Threats

With vendors leveraging increasingly advanced obfuscation and encryption techniques to protect the confidentiality of their code, finding vulnerabilities can be especially challenging. Another difficulty is the firmware itself becoming a challenge to reverse, if it was compiled for an obsolete architecture and commercial disassemblers can’t properly reconstruct it. The firmware in the Schneider Electric APC PDU is an example of such a code; it has been around for years and is compiled for an old and obsolete version of the Intel 80286, which prevents easy reading or inspection.

How IoT Botnets Evade Detection and Analysis

How IoT Botnets Evade Detection and Analysis

One key technique to stymie reverse engineering botnet code is to obfuscate the code by compressing or encrypting the executable, called packing. This blog explores the current packers used by IoT malware, using data collected by Nozomi Networks honeypots.