Exploring the Target Exfiltration Malware with Sandbox Tools — Adam Hogan (Circle City Con 2014 Videos) (Hacking Illustrated Series InfoSec Tutorial Videos)

Circle City Con 2014
http://circlecitycon.com

Abstract: I will demonstrate what kind of intelligence we can learn about malware by analyzing it in a sandbox environment. Specifically, I will show a sandbox report of both static and dynamic analysis for the malware that was used to exfiltrate credit card data from Target last Christmas season.

I will show what we can learn about that malware, and how we could use that information to stop the attack. Ultimately, however, I will argue that sandboxing is not a silver bullet. It generally requires good personnel familiar with analyzing malware to fully utilize the data. It may not be easily automated. Organizations will have to decide if they have a team built to use this kind of tool.

Author Bio: Adam Hogan got his start in security by learning Snort and other open source tools instead of attending class, and has been snorting for the past decade. Sourcefire eventually hired him to write their training manuals and classes. He now works as a Consulting Security Engineer for Sourcefire (now part of Cisco). Adam lives in Columbus and spends his free time using video games to avoid working on his dissertation.


Copyright 2014, IronGeek