http windowstips wordpress com agenda agenda
play

http://windowstips.wordpress.com Agenda Agenda Introduction - PowerPoint PPT Presentation

Oct 08, 2023 •855 likes •1.07k views

Juan Garrido MVP Enterprise Security @tr1ana http://windowstips.wordpress.com Agenda Agenda Introduction Malware public information TRIANA Conclusions Agenda One new malware every 2 seconds Its like epidemic Many variety of

  1.  Juan Garrido  MVP Enterprise Security @tr1ana  http://windowstips.wordpress.com

  2. Agenda

  3. Agenda Introduction Malware public information TRIANA Conclusions

  4. Agenda One new malware every 2 seconds It’s like epidemic Many variety of vectors: APT Drive by downloads USB Rootkits, Bootkits, etc...

  5. Introduction Many variety of technology: MS Office PDF Windows Apple based Mobile Big problem when analyze a lot of samples

  6. Introduction • Some questions: – The Malware analyst have tools to perform analysis? • Like a sandbox, scripts, little unit tools – The Malware analyst have a deep know in the malware analysis art? • Static analysis, dynamic analysis, reversing, etc.. • It’s possible reduce the analysis time? – Is a sample available for analyze?

  7. Introduction • Is a sample available for analyze?

  8. Malware Public Information • Why need MD5 instead of SHA1 or SHA256? • Easy: For URL based search

  9. Malware Public Information

  10. DEMO Malware based search

  11. WHERE IS MY SAMPLE • In many cases: – The sample is located in public site – The sample is located in hacking site – The sample is located in Web Access tool (Like VT, Malwr , etc…) – The sample is located in a public repository

  12. WHERE IS MY SAMPLE • IP, Host, Domain: – Useful for discover new samples • Whois • Domain Lookup • Etc… – Useful for discover APT Threats, Malware located by country, etc…

  13. WHERE IS MY SAMPLE

  14. DEMO Malware sample search

  15. TRIANA • Python based script: – Perform HASH and File Hash search – Many public information reference – Ability to download the sample if found it – Many sources  One JSON source – DOCX Report

  16. TRIANA • IP & Domain collector: – Check in IP and Domain reputation lists • Plugin based: – VirusTotal plugin – Malwr plugin – ThreatExpert plugin – Etc , etc…

  17. TRIANA

  18. CONCLUSIONS • It’s possible reduce time in malware analysis – Automate unit test – Automate malware analysis – Automate static analysis – Automated search based malware • It’s useful to attach like annex – JSON results – DOCX report • It’s useful to search malware – Many public information sites – Different public sandbox perform different analysis – Many public repositories

  19. THANKS ;) Juan Garrido Juan_garrido@innotecsystem.com http://www.innotecsystem.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

WORDPRESS Lesson 01.01 Introduction to WordPress Welcome Welcome to WordPress! Over the next

WORDPRESS Lesson 01.01 Introduction to WordPress Welcome Welcome to WordPress! Over the next

WORDPRESS Lesson 01.01 Introduction to WordPress Welcome Welcome to WordPress! Over the next set of sessions we're going to cover a lot of different topics, techniques, and technologies, all of which are going to help you better manage and

410 views • 13 slides
WORDPRESS Lesson 02.02 WordPress Editor WordPress Editor WordPress uses a simple HTML editor

WORDPRESS Lesson 02.02 WordPress Editor WordPress Editor WordPress uses a simple HTML editor

WORDPRESS Lesson 02.02 WordPress Editor WordPress Editor WordPress uses a simple HTML editor that allows users to create and update content for blog posts, pages, comments, and other content types that require a rich editing environment.

766 views • 17 slides
Open MIC @ Berkeley openmicberkeley.wordpress.com Open MIC @ Berkeley Agenda Jen Lee:

Open MIC @ Berkeley openmicberkeley.wordpress.com Open MIC @ Berkeley Agenda Jen Lee:

Welcome! Open MIC @ Berkeley openmicberkeley.wordpress.com Open MIC @ Berkeley Agenda Jen Lee: Introduction to FRET Marla Feller: Using FRET sensors to look at time resolved measurements Becky Lamason: Using FRET to determine if a

781 views • 30 slides
WordPress Wizardry: Tips, Shortcuts, & SEO Secrets for Tech Writers Alyson Harrold &

WordPress Wizardry: Tips, Shortcuts, & SEO Secrets for Tech Writers Alyson Harrold &

WordPress Wizardry: Tips, Shortcuts, & SEO Secrets for Tech Writers Alyson Harrold & Massimo Paolini Workshop Agenda WordPress Labyrinth The alchemy of themes, plugins & other CMS tricks Content Casting

837 views • 45 slides
Wordpress Security GIMPA, November 2018 By: @niiankrah What is Wordpress? WordPress is a

Wordpress Security GIMPA, November 2018 By: @niiankrah What is Wordpress? WordPress is a

Wordpress Security GIMPA, November 2018 By: @niiankrah What is Wordpress? WordPress is a free and open-source content management system based on PHP and MySQL. It uses a plugin architecture and a template system. It is most

367 views • 17 slides
Contributing to WordPress Sam Sidler @samuelsidler samuelsidler.com sam@wordpress.org Why

Contributing to WordPress Sam Sidler @samuelsidler samuelsidler.com sam@wordpress.org Why

Contributing to WordPress Sam Sidler @samuelsidler samuelsidler.com sam@wordpress.org Why Contribute to WordPress? Learn from the best developers Gain experience in the codebase Influence the direction of the project Make valuable

265 views • 25 slides
Hands-on QM/MM Tutorial Files are also available on: http://villekaila.wordpress.com/ and on the

Hands-on QM/MM Tutorial Files are also available on: http://villekaila.wordpress.com/ and on the

Hands-on QM/MM Tutorial Files are also available on: http://villekaila.wordpress.com/ and on the CHARMM web page Our files are also provided on http://github.com/RowleyGroup/charmm-turbomole- examples/tree/master/qmmm Prof. Ville R. I. Kaila

557 views • 38 slides
A Month of WordPress Plugins 2007 Ask and You May

A Month of WordPress Plugins 2007 Ask and You May

WordPress Plugins Lorelle VanFossen File Gallery WordPress Plugin A Month of WordPress Plugins 2007 Ask and You May Change WordPress Open Camp

542 views • 32 slides
By Sheena Gogarty http://startawebsite.ie/wordpress-training-courses/ Course outline: The

By Sheena Gogarty http://startawebsite.ie/wordpress-training-courses/ Course outline: The

By Sheena Gogarty http://startawebsite.ie/wordpress-training-courses/ Course outline: The difference between a Blog and a Website The difference between WordPress.com and WordPress.org Getting traffjc to your website or blog, how does it work?

448 views • 31 slides
Spring 2016 http://www.sox.net Agenda - Thursday Logistics Introductions Agenda Bash

Spring 2016 http://www.sox.net Agenda - Thursday Logistics Introductions Agenda Bash

Southern Crossroads (SoX) Participant Meeting Spring 2016 http://www.sox.net Agenda - Thursday Logistics Introductions Agenda Bash Advisory Committee seats on SLR Board Network Updates Commodity Internet GRNOC NSF

625 views • 44 slides
All the Way Down Mariano Martinez Peck marianopeck@gmail.com http://marianopeck.wordpress.com/

All the Way Down Mariano Martinez Peck marianopeck@gmail.com http://marianopeck.wordpress.com/

All the Way Down Mariano Martinez Peck marianopeck@gmail.com http://marianopeck.wordpress.com/ http://rmod.lille.inria.fr/web/pier/software/Fuel RMod 1 Wednesday, August 29, 2012 THANKS a lot!!! SummerTalk 2011 Student: Martin Dias 2

640 views • 9 slides
BEGINNER AND ADVANCED STEPS FOR WP SECURITY GEORGETOWN WORDPRESS MEETUP 03 APR 2019 @ GEORGETOWN

BEGINNER AND ADVANCED STEPS FOR WP SECURITY GEORGETOWN WORDPRESS MEETUP 03 APR 2019 @ GEORGETOWN

BEGINNER AND ADVANCED STEPS FOR WP SECURITY GEORGETOWN WORDPRESS MEETUP 03 APR 2019 @ GEORGETOWN LIBRARY www.BEACON.agency SCHEDULE AGENDA Why WordPress Security is Important 6:00p NETWORKING The Role of Web Hosting The Role of

448 views • 29 slides
Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot gray inc. @dotgray Sunday, March 15, 15 Resources Codex.WordPress.org / Hardening_WordPress Blog.Sucuri.net / WordPress Security WPSecure.net /

608 views • 32 slides
BEGINNER AND ADVANCED STEPS FOR WP SECURITY RHODE ISLAND WORDPRESS MEETUP 11 Sept. 2018 @

BEGINNER AND ADVANCED STEPS FOR WP SECURITY RHODE ISLAND WORDPRESS MEETUP 11 Sept. 2018 @

BEGINNER AND ADVANCED STEPS FOR WP SECURITY RHODE ISLAND WORDPRESS MEETUP 11 Sept. 2018 @ Stillwater Books www.BEACON.agency SCHEDULE AGENDA Why WordPress Security is Important 6:00p NETWORKING The Role of Web Hosting The Role

509 views • 29 slides
WordPress Day 8 - Underscores 1 What is underscores? _s, or underscores , is a WordPress

WordPress Day 8 - Underscores 1 What is underscores? _s, or underscores , is a WordPress

TWD 25 WordPress Day 8 - Underscores 1 What is underscores? _s, or underscores , is a WordPress starter theme. It is a code base for building custom themes. 2 Why use underscores? Maintained by Automattic developers. This is the

821 views • 47 slides
Writing fiction on and off the page Jonathan Gibbs / http://tinycamels.wordpress.com / Twitter:

Writing fiction on and off the page Jonathan Gibbs / http://tinycamels.wordpress.com / Twitter:

Jonathan Gibbs / http://tinycamels.wordpress.com / Twitter: @tiny_camels Writing fiction on and off the page Jonathan Gibbs / http://tinycamels.wordpress.com / Twitter: @tiny_camels The creative writer does the same as the child at play. He

478 views • 9 slides
Static analysis and all that Martin Steffen IfI UiO Spring 2014 Static analysis and all that

Static analysis and all that Martin Steffen IfI UiO Spring 2014 Static analysis and all that

Static analysis and all that Martin Steffen IfI UiO Spring 2014 Static analysis and all that Martin Steffen IfI UiO Spring 2014 Plan approx. 15 lectures, details see web-page flexible time-schedule, depending on progress/interest

2.15k views • 194 slides
Welcome 1 Note for todays lecture Will be closely following book chapter 7 (read it

Welcome 1 Note for todays lecture Will be closely following book chapter 7 (read it

Graphics (INFOGR), 2018-19, Block IV, lecture 12 Deb Panja Today: Matrix reloaded 2 (or Viewing Transformations) Welcome 1 Note for todays lecture Will be closely following book chapter 7 (read it thoroughly to grab the concepts)

1.27k views • 62 slides
Make Cheaper Mistakes Anna Marie Clifton Product Manager, Yammer Clearly Product podcast

Make Cheaper Mistakes Anna Marie Clifton Product Manager, Yammer Clearly Product podcast

Make Cheaper Mistakes Anna Marie Clifton Product Manager, Yammer Clearly Product podcast @TweetAnnaMarie We make mistakes Make better, faster, cheaper mistakes An incredibly expensive Yammer mistake A whole new Android App A

1.34k views • 72 slides
Harness the Power of Data and AI for Legal Services Technology moves extremely fast. Finding

Harness the Power of Data and AI for Legal Services Technology moves extremely fast. Finding

Harness the Power of Data and AI for Legal Services Technology moves extremely fast. Finding the right partner will help you take advantage of it. Agenda Intro Microsoft and Plain Concepts Who we are in a nutshell Transforming Data Silos

597 views • 36 slides
Lean Startup Perseverance vs. Genchi Gembutsu Fredi Schmidli Presented @ GOTO

Lean Startup Perseverance vs. Genchi Gembutsu Fredi Schmidli Presented @ GOTO

Lean Startup Perseverance vs. Genchi Gembutsu Fredi Schmidli Presented @ GOTO Zrich, 11.04.2013 Fredi Schmidli Entrepreneur Business Angel Agile Management Coach Community Builder http://www.management30.com Content What?

570 views • 13 slides
MINIMUM VIABLE PRODUCT Erwin van der Koogh Elabor8 / 21st Century MBA

MINIMUM VIABLE PRODUCT Erwin van der Koogh Elabor8 / 21st Century MBA

MINIMUM VIABLE PRODUCT Erwin van der Koogh Elabor8 / 21st Century MBA erwin.vanderkoogh@elabor8.com.au @evanderkoogh You keep using that word. I dont think it means what you think it means.. SO WHAT DOES IT NOT MEAN? What we can build

1.06k views • 29 slides
Lessons in Leadership / Breakout Session Dragon Army Great Game of Business Atlanta, GA

Lessons in Leadership / Breakout Session Dragon Army Great Game of Business Atlanta, GA

Lessons in Leadership / Breakout Session Dragon Army Great Game of Business Atlanta, GA Asheville, NC There can be no Plan B. Lead as if theres no option other than success. There can be no

598 views • 18 slides
Building Great Libraries with .NET Standard C h a d G r e e n P r a i r i e . C o d e ( ) S e

Building Great Libraries with .NET Standard C h a d G r e e n P r a i r i e . C o d e ( ) S e

Building Great Libraries with .NET Standard C h a d G r e e n P r a i r i e . C o d e ( ) S e p t e m b e r 1 2 , 2 0 1 9 @chadgreen Who is Chad Green Director of Software Development at ScholarRx Microsoft MVP (Developer

920 views • 55 slides

More recommend