Posts

Showing posts with the label Reverse Engineering

Inside Fast16's Physics Sabotage Engine

Index: Introduction; PhysicsFiction; state_monitor; state_physics; state_physics #2 — A key part; state_physics #3 — The attack; What about the target?; Conclusions

Introduction

This past Friday, Juan Andres Guerrero-Saade and Vitaly Kamluk published an extraordinary piece of research that uncovered a sophisticated 20-year-old malware, plausibly attributed to state actors. What is outstanding about this implant is, as the authors mention, that "fast16.sys selectively targets high-precision calculation software, patching code in memory to tamper with results." That's insane…and very real. I'll try to contribute to the public understanding of Fast16 by digging into the function that targets the physics simulations. At this point, there is little left to add about Stuxnet, but it is important to use it as a temporal reference, because Fast16 was allegedly active years before the malware that changed everything. Around 2...

Cyber-Physical Analysis of Weapons of Mass Destruction Detection Systems: Part 1 - DARPA's SIGMA

Index: 1. Introduction; 2. Practical Gamma Spectroscopy for Security Researchers; 3. SIGMA Network; 4. Conclusions

Disclaimer

To avoid any misunderstandings, I want to clarify that all the information in this post is based on open-source intelligence, publicly available documents, and reverse engineering. I have not attempted to compromise or replicate any potential attacks on internet-facing SIGMA systems. Instead, I conducted a simple, non-invasive reconnaissance phase, which involved accessing public websites, reviewing their source code, and examining generic endpoints to gather general information, such as system versions. A month before publishing this post, I gave a heads-up about it to those who needed to be informed, just in case.

Introduction

This is the first part of a series on the cyber-physical analysis of weapons of mass destruction detection systems, focusing on technologies like CBRN networks and nuclear safeguards. These posts will cover...