
Fileless Malware - The New Cyber Threat

Offered By: YouTube


Course Description

Overview

Explore the world of fileless malware in this 42-minute conference talk from DerbyCon 7 (2017). Delve into the history, types, and stages of fileless malware infections, including delivery, execution, and persistence mechanisms. Examine interesting execution and persistence techniques, and analyze a real-world TrickBot campaign. Learn about password-protected Word documents, Poweliks delivery and persistence, DNS forwarding, PowerShell usage, and command retrieval. Gain insights into command and control structures, and discover defensive strategies against this evolving cyber threat.

Syllabus

Intro
Why This Talk?
Fileless Malware - A Brief History
Types of "Fileless" Malware
Stages of A Malware Infection
Malware: Droppers vs. Payloads
Delivery Stage
Execution Stage
Interesting Execution Mechanisms
Persistence Stage
Common Persistence Mechanisms
Interesting Persistence Mechanisms
Example TrickBot Campaign
Password Protected Word Doc
Payload - TrickBot
Poweliks - Delivery
Poweliks - Persistence
Normal DNS Forwarding
Stage 2 - Persistence for Stage 3?
Stage 2 - PowerShell
Stage 4 - Command Retrieval
Command & Control
Stage 4 - Command Output
Fileless Malware - Defense

