archives

malware

This tag is associated with 4 posts

Dissecting Malicious Network Traffic To Identify Botnet Communication

by Swasti Bhushan Deb Botnets are well-known in the domains of information security, digital forensics and incident response for hosting illegal data, launching DDOS attacks, stealing information, spamming, bitcoin mining, spreading ransomware, launching brute force attacks, managing remote access to connected devices, and even propagating infection to other devices, among other things. Internet Relay Chat (IRC) … Continue reading

Deep Learning At The Shallow End: Malware Classification For Non-Domain Experts

by Quan Le, Oisín Boydell, Brian Mac Namee & Mark Scanlon Abstract Current malware detection and classification approaches generally rely on time consuming and knowledge intensive processes to extract patterns (signatures) and behaviors from malware, which are then used for identification. Moreover, these signatures are often limited to local, contiguous sequences within the data whilst … Continue reading

Finding Metasploit’s Meterpreter Traces With Memory Forensics

by Oleg Skulkin & Igor Mikhaylov Metasploit Framework is not only very popular among pentesters, but is also quite often used by real adversaries. So why is memory forensics important here? Because Meterpreter, for example – an advanced, dynamically extensible Metasploit payload – resides entirely in the memory and writes nothing to the victim’s drive. In … Continue reading

Malware Can Hide, But It Must Run

by Alissa Torres, SANS Certified Instructor It’s October, haunting season. However, in the forensics world, the hunting of evil never ends. And with Windows 10 expected to be the new normal, digital forensics and incident response (DFIR) professionals who lack the necessary (memory) hunting skills will pay the price. Investigators who do not look at … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,163 other followers