Authors: Christiaan Beek
Tags: malware intelligence malware analysis
Event: Black Hat Abu Dhabi 2011
Abstract: Over years the use of malware has dramatically changed. Ranging from programmers exploring the malicious possibilities of their programming code, copycats trying to combine code snippets, to organized crime and governments using custom made malware for their purposes. Where financial gratification is the main drive for cybercrime, it seems that the hunger for secrets and intellectual property is taking over. Some examples of cases are: Operation Aurora, Night-Dragon and recently Shady-RAT. These are examples of investigations that started with the detection of unknown customized malware, hiding on corporate networks and ended in large investigations regarding Data Loss. So how is it possible that this malware was undetected? How can you detect hidden malware on your network using open-source tools, what patterns to look for? What countermeasures can you take? How to build a layered malware defense to keep unknown malware out of your network. In my talk I will give some demo's how you can use Wireshark to investigate networkdata for traces of malware, how to filter for suspicious connections.
Feeds
133326 items (0 unread) in 27 feeds
-
1337day (was: Inj3ct0r, 1337db)
-
OSVDB Vulnerabilities
-
Exploit-DB
-
SecurityFocus Vulnerabilities
-
Bugtraq
-
Full Disclosure
-
XSSed
-
Packet Storm Security Headlines
-
-
-
-
-
-
Sophos security news
-
-
Penetration Testing
-
SecuriTeam
-
BackTrack Linux Forums
-
Threatpost
-
SecDocs
-
carnal0wnage.attackresearch.com
-
Carnal0wnage
-
-
Darknet
-
The Exploitant
-
Hack a Day
-
Wirevolution
«
Expand/Collapse
SecDocs
-
![Permalink for '[Slides] Taming Worms, RATs, Dragons and More!'](/themes/lilina/web//media/mark_on.gif)
[Slides] Taming Worms, RATs, Dragons and More!
Posted: February 1st, 2012, 9:41pm PST