Malware, Spyware and Phishing Forensics Course: 1-Day: Washington, DC
Location: George Mason University; Arlington, VA
Cost:
This Malware/Spyware and Phishing course gives students the knowledge and hands-on skills needed to shorten the time-intensive eradication of malware and spyware residing within the corporate enterprise or on servers of any company, institution or organization. It also takes a proactive approach to protecting against phishing schemes: students gain a strong understanding of best-practice procedures, shortening engineering life-cycles and increasing awareness and knowledge, while eliminating the time-intensive, cost-prohibitive and antiquated process of “search and destroy”.
Students will explore the methodologies of the most malevolent malware and spyware agents facing today’s organizations and institutions. They will discover the information-gathering techniques used by phishing expeditions and the preventive measures against them, along with malware definitions, invasive/corrupt signatures and data sets. Students will learn about next-generation exploit vectors and threats targeted at the kernel and router level. Emphasis is placed on investigative procedure, registry analysis, methodology and the preservation of evidentiary integrity, while shortening the time-sensitive engineering life-cycles of the “malware investigative procedure”.
Our Malware/Spyware and Phishing course is for Tier 1 and/or Tier 2 first responders. This includes security engineers, security administrators, network engineers, network administrators, help-desk personnel and tech-support services dealing with the eradication of malware or spyware on a day-to-day or week-to-week basis. Others who may have an interest in attending are those who want to learn about malware or spyware, what the industry is anticipating, and which targeted "next generational" threats companies may want to know about. This would include Team Leaders of IT Security, Directors of IT/IS Security, CIOs, CTOs, CISOs and CFOs.
· SPACE IS LIMITED
· REGISTRATION IS REQUIRED
Please let us know if on-site team training at your facilities is of interest. Security Forensics ensures our courses are all-inclusive and cost effective by working within an organization's budget.
Overview and History of Malware, Spyware and Phishing Schemes
- Where and when did malicious targeted activity begin?
- The adware and phishing economy
- Corporate and institutional loss and damage
- Overview/discussion of Congressional impact and government mandates (SOX, GLB, HIPAA 1 & 2, SEC 17a-3 & 4, NASD)

The Differentiation and Definitions of Malware, Spyware and Phishing
- Methodologies of today’s most malevolent agents
- Trends of malware and phishing schemes
- Types of malware and spyware information-gathering techniques, including code deciphering, auto-replication schemes and header forgery:
  - Advanced keyloggers
  - Autorooting
  - Botnet hijackers
  - Cross-site cookies and loyaltyware
  - Dialers, data miners
  - DNS cache poisoning
  - Malware kill processes and functionality
  - Phishing exploits
  - Reverse DDoS
  - Rootkits

Drill Down and Understanding the Causal Effect of Top Threats Facing Corporations and Institutions
- Apropos
- Cool Web Search (CWS)
- Direct Revenue – abetterinternet
- Elitebar
- Gator
- Internet Optimization
- ISTBar/AVupdate
- Keenvalue
- N-Case (m-SBB.exe)
- Perfect Keylogger
- PSGuard
- Purity Scan
- Spyware Strike
- SurfSideKick
- TIBS Dialer
- Transponder (VXXZ)
- Virtumonde

Malware and Phishing Identification/Profiling
- Vector / silent vector breaches
- Malware/spyware bots
- Malware/spyware botnets
- Signatures
- IE drive-by and the social engineering aspect
- Exploits at the router and server level (Unicode Traversal, SQL Injection, Byte Verify, RPC DCOM, Cisco SNMP)

Demonstration of Steps to Perform a Corporate Spyware Audit and Analyze Bots and Botnets
- Practical demonstration on spyware/malware IT audits
- Practical on spyware/malware IT auditing tools
- Demonstration on anti-spyware, anti-malware and anti-phishing applications and tools
- Examining conflicts with legitimate applications
- Understanding threats to the corporate environment
- Identifying threats to intellectual property
- Performing a registry analysis, log file analysis and back-up
- Demonstration on performing an uncorrupted drive copy (MD5 hash sets)

Proactive Measures
- Plugging the security holes
- Education on end-user license agreements (EULA)
- URL blocking

Defining the Methodology and Procedure for Analysis
- Practical on drive analysis and suspect profiling
- Preserving the evidentiary integrity
- Developing and defining a chain of custody