malware reverse engineering Archives

The 2024 CWE Top 25: Understanding and Mitigating CWE-78 – OS Command Injection

12 March 202512 March 2025 by Krishna

OS Command Injection occurs when an application dynamically constructs operating system (OS) commands using untrusted inputs, enabling an attacker to execute arbitrary commands on the host system. These commands often run with the same privileges as the application, amplifying the potential impact.

Emulation Detection Evasion: Safeguarding Against Evasive Malware Strategies

29 December 2024 by Krishna

Emulation detection evasion is a set of techniques employed by malware to detect analysis environments such as sandboxes or virtual machines and evade detection by altering their execution. By identifying the presence of emulation artifacts or behaviours, malware can stop executing or behave benignly, thereby avoiding detection and analysis.