Malware Analysis

Wed 24 Feb

How to Perform Basic Static Malware Analysis Using Open Source Tools?


The recent malware attacks on banks, financial institutions, and payment processors are a validation of the increasing technical expertise of cyber-criminals and their ability to cause significant damage while orchestrating remotely. From mobile malware to banking Trojans, and point-of-sale (POS) and retail breaches, the threat landscape continues to evolve. According to anti-malware product vendors, the average time to resolve a malware attack ranges from 18-26 days, resulting in huge business downtime. In addition, the average cost of cleanup and the cost of investigation have increased manifold. The two reasons for this pathetic situation are:

Tue 23 Feb

Malware Analysis: Symptoms of a Malware Infection on a Windows Machine


Any software or code snippet that causes harm to a computer system, its user or network can be considered malware. Viruses, worms, rootkits, spyware, ransomware, and Trojan horses are examples of malware. Each malware category behaves in a different way and has its own course of execution, but they have one thing in common: they try to evade being identified by security controls and to cause potential damage to the computer system and its user.

Mon 11 Jan

A quick thought on how good Sandboxing technologies are?


These days we hear a lot about Advanced Persistent Threat (APT) mitigation techniques and the solutions that could protect us from zero-day attacks. For the last couple of years the main focus was on sandboxing solutions. We normally place firewall, IPS/IDS, HIPS, and antivirus solutions as a part of the Defence in Depth principle. The limitation in this is that most IPS/IDS, HIPS or antivirus solutions detect and block known malware, as most of them are signature-based security solutions. If they don't have a corresponding signature, then the attack will go unnoticed and will result in vulnerabilities being exploited. I always believe in a principle – Prevention is better than cure.

Sun 16 Nov

Sandbox aware Malware

As the Internet is becoming an important part of everyday life, Internet users face increasing security threats posed by malware. Malware is defined as malicious software or code that, when it enters a computer system, does things or makes changes that are harmful and unwanted to the legitimate user. The harmful activities can include corrupting and deleting files on the computer, stealing personal and financial information, making computer services slow and unavailable, stealing proprietary or intellectual property information and, at a larger scale, destroying computers and computer networks. Examples of malware include viruses, worms, Trojans, backdoors, rootkits, keyloggers, spyware, ransomware, adware, crimeware, etc.
