a
A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Exploit Kits and Indicators of Compromise - Brad Duncan (BSides Augusta 2016) (Hacking Illustrated Series InfoSec Tutorial Videos)

Exploit Kits and Indicators of Compromise
Brad Duncan

Exploit kits are well known among security professionals, but this form of malware distribution is often misunderstood. Exploit kits exist in an ecosystem that must be considered when discussing this important subject. In his talk, Brad Duncan explores the terminology necessary for a better understanding of exploit kits. He covers the sequence of events that result in an infected Windows host, starting with a compromised website and ending with the exploit kit delivering its payload. Exploit kits are well known among security professionals, but this form of malware distribution is often misunderstood. Exploit kits exist in an ecosystem that must be considered when discussing this important subject. In his talk, Brad Duncan explores the terminology necessary for a better understanding of exploit kits. He covers the sequence of events that result in an infected Windows host, starting with a compromised website and ending with the exploit kit delivering its payload.

Brad Duncan specializes in network traffic analysis and exploit kit detection. After more than 21 years of classified intelligence work for the US Air Force, Brad transitioned to cyber security in 2010. He has worked for the US Air Force CERT and Rackspace. Brad is currently a Threat Intelligence Analyst for Palo Alto Networks Unit 42. He is also a handler for the Internet Storm Center (ISC) and has posted more than 60 diaries at isc.sans.edu. Brad routinely blogs technical details and analysis of infection traffic at www.malware-traffic-analysis.net.

@malware_traffic

Back to BSides Augusta 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast