67 min listen
Unavailable
Currently unavailable
2017-016-Fileless_Malware, and reclassifying malware to suit your needs
Currently unavailable
2017-016-Fileless_Malware, and reclassifying malware to suit your needs
ratings:
Length:
66 minutes
Released:
May 2, 2017
Format:
Podcast episode
Description
Malware is big business, both from the people using it, to the people who sell companies blinky boxes to companies saying that they scare off bad guys. The latest marketdroid speak appears to be the term 'fileless malware', which by definition... FTA: “Malware from a "fileless" attack is so-called because it resides solely in memory, with commands delivered directly from the internet. The approach means that there's no executable on disk and no artefacts ("files") for conventional computer forensic analysis to pick up, rendering the attacks stealthy, if not invisible. Malware infections will still generate potential suspicious network traffic.” https://www.theregister.co.uk/2017/04/28/fileless_malware_menace/ -- by definition, not ‘fileless’ But many of the 'fileless' attacks require a 'file' to be opened to enable the initial infection. This week, Michael Gough (@hackerhurricane) comes on to discuss his latest blog post (http://hackerhurricane.blogspot.com/2017/05/fileless-malware-not-so-fast-lets.html) and we discuss the fact that a lot of malware classification and categorization and how it fails to actually convey to leaders what it affects https://business.kaspersky.com/targeted-attacks-trends/6776/ http://www.binarydefense.com/powershell-injection-diskless-persistence-bypass-techniques/ Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-016-fileless_malware_reclassifying_malware_types.mp3 Youtube Channel: https://www.youtube.com/channel/UCZFjAqFb4A60M1TMa0t1KXw iTunes Store Link: https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2 #Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast Bsides Springfield, MO Eventbrite for Tickets: https://www.eventbrite.com/e/bsides-springfield-tickets-33495265240 (only 27 tickets left as of 28 Apr) --------- Jay Beale’s Class “aikido on the command line: hardening and containment” JULY 22-23 & JULY 24-25 AT BlackHat 2017 https://www.blackhat.com/us-17/training/aikido-on-the-command-line-linux-hardening-and-containment.html --------- Join our #Slack Channel! Sign up at https://brakesec.signup.team #RSS: http://www.brakeingsecurity.com/rss #iHeartRadio App: https://www.iheart.com/show/263-Brakeing-Down-Securi/ #SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/
Released:
May 2, 2017
Format:
Podcast episode
Titles in the series (100)
2017-042-Jay beale, Hushcon, Apple 0Day, and BsidesWLG audio: Ms. Berlin and Mr. Boettcher are on holiday this week, and I (Bryan) went to Hushcon (www.hushcon.com) last week (8-9 Dec 2017). Lots of excellent discussion and talks. While there, our friend Jay Beale (@jaybeale) came on to discuss Hushcon, as well... by BrakeSec Education Podcast