Leveraging CNNs and Entropy-Based Feature Selection to Identify Potential Malware Artifacts of Interest

This diary explores a methodology for classifying malware that combines entropy-driven feature selection with a specialized Convolutional Neural Network (CNN). Motivated by the increasingly common obfuscation tactics used by modern malware authors, it focuses on capturing high-entropy segments within files, the regions most likely to harbor packed or obfuscated malicious functionality, and feeding these distinct byte patterns into the model.

https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Leveraging%20CNNs%20and%20Entropy-Based%20Feature%20Selection%20to%20Identify%20Potential%20Malware%20Artifacts%20of%20Interest/31790
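To make the feature-selection step concrete, here is an added example (not code from the diary or its author) that slides a fixed-size window over a file, scores each window by Shannon entropy, and keeps the highest-scoring windows as fixed-length byte slices of the kind a CNN would consume. The window size, step, threshold and the sample file layout are assumptions chosen for illustration.

```python
import math
import random
from collections import Counter


def shannon_entropy(chunk: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for empty or constant data, 8.0 at most."""
    if not chunk:
        return 0.0
    n = len(chunk)
    return -sum((c / n) * math.log2(c / n) for c in Counter(chunk).values())


def window_entropies(data: bytes, window: int = 256, step: int = 128):
    """Yield (offset, entropy) for each window; a short file yields one partial window."""
    for off in range(0, max(1, len(data) - window + 1), step):
        yield off, shannon_entropy(data[off:off + window])


def select_high_entropy_segments(data: bytes, window: int = 256, step: int = 128,
                                 top_k: int = 4, threshold: float = 6.5):
    """Return up to top_k (offset, entropy, bytes) tuples for windows at or above
    the entropy threshold, highest entropy first. The byte slices are the
    candidate CNN inputs; everything below the threshold is discarded."""
    scored = [(off, ent) for off, ent in window_entropies(data, window, step)
              if ent >= threshold]
    scored.sort(key=lambda t: t[1], reverse=True)
    return [(off, ent, data[off:off + window]) for off, ent in scored[:top_k]]


def build_sample_file() -> bytes:
    """Constructed sample, not a real binary: 1 KiB of repetitive text (low entropy),
    1 KiB of seeded pseudo-random bytes (high entropy, standing in for a packed
    or encrypted region), then 1 KiB of zero padding."""
    text = (b"MZ header text, low entropy filler. " * 40)[:1024]
    rng = random.Random(1234)
    packed = bytes(rng.getrandbits(8) for _ in range(1024))
    return text + packed + bytes(1024)


if __name__ == "__main__":
    sample = build_sample_file()
    for off, ent, _ in select_high_entropy_segments(sample):
        print(f"offset {off:5d}  entropy {ent:.2f} bits/byte")
```

On the constructed sample every selected window falls inside the pseudo-random region, while the text and zero regions score well below the threshold.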


Malware found on npm infecting local package with reverse shell

Researchers at ReversingLabs found two malicious npm packages, ethers-provider2 and ethers-providerz, that patch the well-known (and not malicious) ethers package to add a reverse shell and a downloader.

https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell

Google Patched Google Chrome 0-day

Google patched a vulnerability in Chrome that was already being exploited in attacks against media and educational organizations in Russia.

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html

The podcast and the associated cover image on this page belong to Johannes B. Ullrich. The podcast content is created by Johannes B. Ullrich and not by, or together with, Poddtoppen.

SANS Internet Storm Center Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Thursday Mar 27th: Classifying Malware with ML; Malicious NPM Packages; Google Chrome 0-day