DevOps: Accelerating Application Modernization (June 22nd)
Permhash - No Curls Necessary
Mandiant News, Tuesday, May 16,2023
May 16, 2023,
Volume 302, Issue 3

Adversaries take numerous directions to gain authorization for actions on targeted endpoints: privilege escalation, DLL side-loading, credential theft, and more.

Browser extensions, Android Packages (APKs), and other permission declaring files take a different approach-they declare the permissions they require, sensitive or not. These file types are external code sources that are given authorization to run with varying degrees of permissions. Due to their unique file type, not being a standard executable, there is a lack of automated analysis that is performed on these files. Security researchers, threat hunters, and cyber analysts need a method to cluster, hunt for, and pivot between browser extensions, APKs, and other files that declare a set of permissions in a repeatable and scalable way.

Read More ...


    Other articles in the Mandiant News section of Volume 302, Issue 3:

    See all archived articles in the Mandiant News section.