YoVDO

A New Secret Stash For Fileless Malware

Offered By: nullcon via YouTube

Tags

nullcon Courses Cybersecurity Courses Malware Analysis Courses Incident Response Courses Shellcode Courses Windows Event Logs Courses

Course Description

Overview

Explore the latest advancements in fileless malware attacks and their sophisticated implementation methods in this 43-minute conference talk from Nullcon Goa 2022. Delve into Kaspersky's 2022 discovery of new techniques used to conceal malicious code, with a particular focus on the unprecedented use of Windows event logs in infection chains. Learn how attackers exploit event logging systems to store binary data and execute shellcode, raising concerns about the security of the world's most widely used operating system. Examine the intricate process of how droppers save shellcode into Key Management System event sources and how malicious modules reconstruct and execute this code. Gain insights into the additional tactics employed by actors to obfuscate the infection process, including the patching of Windows API functions related to logging. Enhance your understanding of cutting-edge cybersecurity threats and defense strategies in this informative presentation on fileless malware evolution.

Syllabus

A New Secret Stash For Fileless Malware by Denis Legezo | Nullcon Goa 2022


Taught by

nullcon

Related Courses

Computer Security
Stanford University via Coursera
Cryptography II
Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera
Building an Information Risk Management Toolkit
University of Washington via Coursera
Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network