QuBit Academy

Malware analysis

More info

Denisa Lavková
+421 948 959 957

4-hour, case-study-based online workshop

Description

Many computer security incidents are related to malware. Incident responders and investigators are often required not only to find the malware samples, but also to identify them and understand their purpose and capabilities. Moreover, especially in enterprise and government environments, it is highly desirable to go deeper: to collect IOCs for Threat Hunting and Monitoring teams and to determine the malware's origin and attribution. Malware analysis and research accelerated with Threat Intelligence can significantly speed up the incident response process.

During this unique case-study-based Malware Analysis Workshop, we cover all of the aforementioned phases. The case study is based on real incidents in an enterprise network with thousands of endpoints and hundreds of compromised machines. We will identify and analyze multiple samples captured in the wild, which were used by a current threat actor group during these incidents in the first half of 2020. Moreover, we will go beyond standard malware analysis and enrich our results with Threat Intelligence and research methods, so that we will be able to find deleted malware artifacts and reconstruct the original attack chain, including the initial exploitation, a local privilege exploit, two backdoors, the main payload and multiple persistence techniques.

Prerequisites

The participants should:

  • be familiar with Windows OS
  • have some experience with x86 assembly (they should be able to read at least a few basic instructions)
  • have a laptop with at least 8 GB of RAM, 20 GB of free space on HDD/SSD and VirtualBox (64-bit edition) installed
  • have an active unfiltered network connection
    • should be able to download the LAB VMs in advance
    • should be able to download a few ZIP archives with malicious content into their VM
    • for troubleshooting, participants should be prepared to share their screen (if desired), thus it is highly recommended to hide sensitive content from their Desktop

Target Audience

  • Malware and forensic analysts
  • Security specialists
  • Incident responders
  • Software developers
  • Enthusiasts with technical skills

Duration: 4 hours including one 15-minute break
The workshop will be taught in English.
Maximum number of participants: 20

Ladislav Baco

Senior Security Consultant and Malware Analyst | LIFARS

Ladislav Baco is a Senior Security Consultant and Malware Analyst at LIFARS LLC, with more than 10 years of experience in Computer Security, Computer Science and education. In his previous employment he worked for the government of an EU country as an analyst in the National and Governmental CSIRT Slovakia, with a focus on Incident Response, Malware Analysis and Forensic Analysis. Later he also led the CSIRT's Analytical Department and Department of Cyber Threat Analysis.

He has also cooperated with multiple universities in Slovakia on a Cyber Security educational program for students and consulted on their Bachelor and Diploma theses.

Moreover, Ladislav has participated in many well-known Cyber Security exercises (such as Cyber Europe by ENISA or NATO Locked Shields and Cyber Coalition), and he has hands-on experience with real APT and targeted attacks, too.

Currently Ladislav is focused mainly on Incident Response, Threat Hunting, Cyber Threat Analysis and Malware Analysis, which also includes his own research into well-known malware families as well as APT attacks and new approaches to Cyber Threat Remediation.
