Tech Blog - ObjectSecurity

The Limits of SAST: Predicting the User

The Limits of SAST: Predicting the User

Trevor Thomas2024-11-15T14:58:22-08:00September 16th, 2024|

In SAST (static application security testing), source code is analyzed without being executed. SAST can be used to detect buffer overflows, injection flaws, and [...]

“Rewrite it in Rust”: A Brute Force Approach to Memory Safety

“Rewrite it in Rust”: A Brute Force Approach to Memory Safety

Trevor Thomas2024-11-15T14:59:19-08:00August 22nd, 2024|

In Exploring Memory Safety in Critical Open Source Projects, CISA, the FBI, and other foreign cyber security agencies report that approximately 52% of critical [...]

CrowdStrike: A Lesson in Memory Safety

CrowdStrike: A Lesson in Memory Safety

Trevor Thomas2024-11-15T15:00:56-08:00August 2nd, 2024|

This blog post discusses the recent CrowdStrike incident where a flawed update caused blue screen errors (BSODs) on Windows systems, leading to widespread disruptions. [...]

How can a Stack Buffer Overflow be used to Execute Arbitrary Code?

How can a Stack Buffer Overflow be used to Execute Arbitrary Code?

Trevor Thomas2024-11-15T15:02:01-08:00July 15th, 2024|

The article explains Stack-based Buffer Overflow attacks (CWE-121), highlighting their mechanisms, severe consequences, and the lack of protections in embedded devices. It illustrates exploitation [...]

PRESS RELEASE: NIST Awards ObjectSecurity OT Cybersecurity Grant

PRESS RELEASE: NIST Awards ObjectSecurity OT Cybersecurity Grant

Ulrich Lang2024-11-15T15:02:47-08:00June 26th, 2024|

San Diego, Calif. – June 24, 2024 – ObjectSecurity, a leader in solving complex, evolving defense and industrial cybersecurity and supply chain risk challenges, today [...]

A Deep Dive into the Recent Eclipse ThreadX CVEs: Who’s Affected?

A Deep Dive into the Recent Eclipse ThreadX CVEs: Who’s Affected?

Trevor Thomas2024-11-15T15:03:53-08:00June 10th, 2024|

This blog post discusses two newly discovered CVEs affecting Eclipse ThreadX before version 6.4.0: CVE-2024-2214 and CVE-2024-2212. Discovered by Humanativa Group, these vulnerabilities involve [...]

PRESS RELEASE: DARPA Awards ObjectSecurity $1.5M Embedded Device Analysis Contract

PRESS RELEASE: DARPA Awards ObjectSecurity $1.5M Embedded Device Analysis Contract

Ulrich Lang2026-02-05T19:48:01-08:00May 24th, 2024|

San Diego, Calif. – May 24, 2024 – ObjectSecurity, a leader in solving complex, evolving defense and industrial cybersecurity and supply chain risk challenges, today [...]

Finding Segmentation Faults in Binary Machine Code: Comparing Different Approaches

Finding Segmentation Faults in Binary Machine Code: Comparing Different Approaches

ObjectSecurity LLC2024-05-20T08:43:45-07:00May 17th, 2024|

The blog post explores different approaches to finding segmentation faults in binary machine code. It compares static analysis, fuzzing, and concolic analysis. While static [...]

You Should be Automating Binary Reverse Engineering: Here’s Why.

You Should be Automating Binary Reverse Engineering: Here’s Why.

ObjectSecurity LLC2024-11-15T15:05:38-08:00April 23rd, 2024|

Binary reverse engineering is a luxury not many can afford. Up until now, there haven't been options to automate and scale the skills and [...]

Detecting the xz-utils Backdoor with Automation

Detecting the xz-utils Backdoor with Automation

ObjectSecurity LLC2024-11-15T15:06:15-08:00April 8th, 2024|

In this ObjectSecurity blog post, we discuss how automated binary vulnerability analysis helps detect advanced attacks such as the recently discovered "xz-utils backdoor", which [...]

Automating Binary Exploit Detection using BinLens

Automating Binary Exploit Detection using BinLens

ObjectSecurity LLC2024-11-15T15:08:05-08:00April 2nd, 2024|

Binary analysis is essential for protecting software, running on various devices, when you do not have access to resources such as source code, open [...]

ObjectSecurity Technical Blog

Check out our blog for all of the newest information.

In The News Today