Malware Analysis Resources
Links:
Cisco Security Reports
Microsoft Security Intelligence Reports
CMU's Software Engineering Institute blog
Sam Bowne's materials, see https://samsclass.info/126/PMA.shtml
SANS Institute Reading Room
Krebs on Security (for example, this post on Proxybots)
Techspot (for example, Interview with Malwarebytes' founder, Marcin Kleczynski)
Lots of good information, career advice as well as technical, at Cyber Security Guide https://cybersecurityguide.org/
PandaLabs has several blogs, which you can access here: PandaLabs. Recent topics include quantum computing, exploit kits, ransomware, and who knows?
and then there's the G Data Security Blog. We call your attention to an example of a malware analysis writeup for Spora - the Shortcut Worm that is also a Ransomware
and Naked Security, by Sophos, another A-V vendor, has a blog with a wider area of focus (IMHO)
TrendLabs operates a Security Intelligence Blog
Forcepoint Security Labs™ recently investigated a trojanized RTF document which we tied to the Carbanak criminal gang. See the Forcepoint Security Labs Blog
Spring 2018 TA RJ suggests the following blogs:
The blogosphere continues to talk about exploit kits:
- Exploit kits remain a cybercrime staple against outdated software – 2016 threat landscape review series
- The curious case of a Sundown EK variant dropping a Cryptocurrency Miner (updated)
- Updated Sundown Exploit Kit Uses Steganography
- Top Exploit Kit Activity
Lots of good malware-related tools are available at FileHippo, including
- UVK Ultra Virus Killer and there's a portable version too
- Windows ISO Downloader
- IPNetInfo
- YUMI (Your Universal Multiboot Installer)
- USBFix
- KeePass
Other Courses:
If you are teaching a malware course, send me an email and I will list it!
You can learn a lot from the YouTube Channel Malware Analysis for HedgeHogs!
An hour-long talk entitled radare demystified, from a conference, and I need to chase down the proper attribution
Kaspersky offers courses on some interesting topics, at different sites around the world. For example,
- Hunt APTs with Yara like a GReAT Ninja, and this 15 minute podcast
- Malware Reverse Engineering
Helsinki University of Technology (Finland) Special Course in Information Security
Carnegie-Mellon University Vulnerability, Defense Systems, and Malware Analysis
SANS Institute FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
SEI Training Malware Analysis Apprenticeship
University of Illinois CS498SH: Malware Analysis
University of Tubingen (Germany) Intrusion Detection and Malware Analysis
University of Texas - Dallas System Security and Binary Code Analysis
Groups or Individuals Doing Interesting Research:
Chris Kruegel, UCSB
Georgia Tech Research Institute (e.g. their Titan project)
Other suggestions welcome!
Downloads:
The DVD that came with the Malware Analyst's Cookbook is here as a tarfile (extract with tar xvzf cookbook.tgz)
BEWARE! more than 900 MEGS