Advanced Malware Analysis
- Daniella Charles
- 7 years ago
Serving as the final class in our malware series, Advanced Malware Analysis will challenge you more than ever. Using the latest malware samples that are the hardest to reverse engineer, we push our students to use every means necessary to defeat all defensive measures employed by malware authors to wreak havoc across the internet. Each malware sample analyzed in class will require first unpacking the sample and removing any software armoring or protection put in place to thwart the security analyst. After the student successfully removes armoring agents, they'll have to navigate past several anti-debugging techniques employed by the most elite malware samples today. Finally, each sample will require skillful knowledge and usage of OllyDbg or IDA Pro tools with scripting abilities to reverse engineer the destructive code and determine exactly what the malware does.

Please note: this course requires extensive skills and programming knowledge. It is recommended that the student attend Intermediate Malware Analysis, Assembly for Reverse Engineers, and Introduction to Python before attending this course, or have equivalent experience.

Topics include:
- Malicious document analysis
- Extracting and analyzing embedded shell script from documents
- Manually unpacking obfuscated malware
- Methods for Analyzing and Defeating Armored Malware
- Advanced Rootkits, DLLs and Windows Services
- Advanced Anti-Reversing Malware

Class Details:
- 5 Days, M-F
- Laptops are provided
- Students receive course USB Flash Drive of tools and labs

Day 1 Agenda

Microsoft Office Malicious Documents

Instructor will demonstrate methods and techniques for manually analyzing malicious documents WITHOUT running them against the vulnerable version of MS Office they are targeting. Students will walk through samples for:
- Word DOC embedded malware
- Excel XLS embedded malware
- PowerPoint PPT embedded malware

Tools:
- IDA Pro
- BinLoad
- SysInternals Suite

Adobe PDF Malicious Documents

Instructor will describe and demonstrate methods and techniques for manually analyzing these malicious documents WITHOUT running them against the vulnerable version of Adobe Reader they are targeting. Students will walk through several PDF samples targeting current vulnerabilities.

Tools:
- MDAT
- BinLoad
- IDA Pro

This day concludes with relevant and challenging malware samples from which students must remove the embedded executables for MS Office and Adobe files as the scenario for the day.

Day 2 Agenda

Manually Unpacking Obfuscated Malware

Instructor will:
- Describe and demonstrate situations where malware analysts' tools break and auto-unpacking fails.

Students will:
- Analyze a packed executable which will break if an attempt is made to unpack it through a malware auto-unpacker.
- Manually unpack and restore the original executable.

Students will be given modified versions of other real-world packers (2-3 samples).

Day concludes with a relevant and challenging malware sample which students must unpack as the scenario for the day.

Tools:
- IDA Pro

Day 3 Agenda

Methods for Analyzing and Defeating Armored Malware

Instructor will:
- Describe and demonstrate common anti-debugging techniques used by malware authors to detect whether or not they are being analyzed.
- Describe and demonstrate common anti-reversing techniques used by malware authors to confuse and increase the difficulty of the RE process.

Students will:
- Analyze and bypass anti-debugging checking routines to get the executable to completely unpack.
- Combine lessons learned from Day Two to manually unpack and restore the original executable and then defeat the anti-debugging routines.
- Analyze a sample making use of many popular anti-reversing techniques and develop IDA scripts to clean up the code to make it easier to reverse engineer.
- Combine lessons learned from Day One, Two, Three to manually unpack and restore the original executable, defeat the anti-debugging routines, and finally defeat anti-reversing routines.

This day concludes with a relevant and challenging malware sample which students must unpack as the scenario for the day.

Tools:
- IDA Pro w/ IDA Scripting emphasis

Day 4 Agenda

Rootkits, DLLs and Windows Services

Instructor will cover the following topics:
- Demonstrate reversing Windows rootkits
- Provide an overview of Windows Kernel data structures and what they mean
- Show how to detect interrupt table hooks and SSDT hooks
- Examining NDIS chains to find backdoor TCP/IP stacks
- Reversing DLLs
  - Overview of Windows DLLs
  - Loading DLLs, DLL Exports
- Windows Services
  - Overview of Windows Services structures
  - Service installation and execution routines
  - Service lifetime

Students will combine lessons learned from Day One, Two, Three to manually unpack and restore the original executable service DLL and rootkit, defeat the anti-debugging routines, and finally defeat anti-reversing routines.

Tools:
- IDA Pro w/ IDA Scripting emphasis

Day 5 Agenda

Conficker or other Relevant Sample

Students will combine lessons learned from all week and use the skills they've learned to analyze a challenging high level piece of malware in a DOC/PDF format. Each student will have to perform the following objectives:
- Manually unpack and restore the original executable
- Defeat the anti-debugging routines
- Defeat anti-reversing routines
- Develop network signatures

Tools:
- IDA Pro w/ IDA Scripting emphasis