IN THE NEWS TODAY
The Limits of SAST: Predicting the User
In SAST (static application security testing), source code is analyzed without being executed. SAST can be used to detect buffer overflows, injection flaws, and [...]
“Rewrite it in Rust”: A Brute Force Approach to Memory Safety
In Exploring Memory Safety in Critical Open Source Projects, CISA, the FBI, and other foreign cyber security agencies report that approximately 52% of critical [...]
CrowdStrike: A Lesson in Memory Safety
This blog post discusses the recent CrowdStrike incident where a flawed update caused blue screen errors (BSODs) on Windows systems, leading to widespread disruptions. [...]
How can a Stack Buffer Overflow be used to Execute Arbitrary Code?
The article explains Stack-based Buffer Overflow attacks (CWE-121), highlighting their mechanisms, severe consequences, and the lack of protections in embedded devices. It illustrates exploitation [...]
PRESS RELEASE: NIST Awards ObjectSecurity OT Cybersecurity Grant
San Diego, Calif. – June 24, 2024 – ObjectSecurity, a leader in solving complex, evolving defense and industrial cybersecurity and supply chain risk challenges, today [...]
A Deep Dive into the Recent Eclipse ThreadX CVEs: Who’s Affected?
This blog post discusses two newly discovered CVEs affecting Eclipse ThreadX before version 6.4.0: CVE-2024-2214 and CVE-2024-2212. Discovered by Humanativa Group, these vulnerabilities involve [...]
PRESS RELEASE: DARPA Awards ObjectSecurity $1.5M Embedded Device Analysis Contract
San Diego, Calif. – May 24, 2024 – ObjectSecurity, a leader in solving complex, evolving defense and industrial cybersecurity and supply chain risk challenges, today [...]
Finding Segmentation Faults in Binary Machine Code: Comparing Different Approaches
The blog post explores different approaches to finding segmentation faults in binary machine code. It compares static analysis, fuzzing, and concolic analysis. While static [...]
You Should be Automating Binary Reverse Engineering: Here’s Why.
Binary reverse engineering is a luxury not many can afford. Up until now, there haven't been options to automate and scale the skills and [...]
Detecting the xz-utils Backdoor with Automation
In this ObjectSecurity blog post, we discuss how automated binary vulnerability analysis helps detect advanced attacks such as the recently discovered "xz-utils backdoor", which [...]
Automating Binary Exploit Detection using BinLens
Binary analysis is essential for protecting software, running on various devices, when you do not have access to resources such as source code, open [...]
