miniblog.

← Back to all posts
Jan 7, 2018 at 17:29
If you someone made a concerted effort to put malware in a low level npm package, how hard would it be to detect? Worryingly, it would be really difficult.
HackerNoon - read, write and learn about any technology
HackerNoon - read, write and learn about any technology
How hackers start their afternoon. HackerNoon is a free platform with 25k+ contributing writers. 100M+ humans have visited HackerNoon to learn about technology

Related Posts

Aug 29, 2020 at 16:59
Sometimes, the best way to harden a service is to outsource it. I've dabbled with running my own CI service for PRs. Running *arbitrary* third party patches is scary. Malware! Crypto miners! It's really nice not having to worry about that.
Dec 20, 2017 at 21:04
Windows Defender learns new malware definitions without a human involved at all! Really impressive analysis of the arrival of a new piece of ransomware:
Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses | Microsoft Security Blog
Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses | Microsoft Security Blog
Windows Defender Antivirus uses a layered approach to protection: tiers of advanced automation and machine learning models evaluate files in order to reach a verdict on suspected malware.
Mar 11, 2017 at 21:48
Detecting Android malware by extracting a static call graph and applying ML https://blog.acolyer.org/2017/03/09/mamadroid-detecting-android-malware-by-building-markov-chains-of-behavorial-models/ (impressive how high-level the CFG is)