This Digging Deep into Malware, Spyware and Phishing course will provide students with the knowledge and learned skills necessary to cut the time intensive eradication of malware and spyware residing within the corporate enterprise or on servers residing in any company, institution or organization. A proactive approach to protect against phishing schemes as well, students will get a strong understanding of best practiced procedures, cutting engineering life-cycles, increasing awareness and knowledge, while eliminating the time-intensive, cost prohibitive and antiquated process of “search and destroy”.
Students will explore the methodologies of the most malevolent malware and spyware agents facing today’s organizations and institutions. Students will discover information-gathering techniques and preventive measures of phishing expeditions, malware definitions, invasive/corrupt signatures and data sets. Students will learn about next generation exploited vectors and threats targeted at the kernel and router level. An emphasis will be placed on investigative procedure, registry analysis, methodology and the preservation of evidentiary integrity, while shortening the time-sensitive engineering life-cycles of the “malware investigative procedure”.
Our Malware/Spyware and Phishing course is for anyone dealing with these agents and attacks on a day-to-day or week-to-week basis. Or those interested in knowing the deep, technological specfics pertaining to these kinds of attacks. This would include security engineers, security administrators, network engineers, network administrators, help-desk personnel and tech-support services dealing with the eradication of malware or spyware on a day-to-day or week-to-week basis. Others who may have an interest in attending, are those who want to learn about Malware or Spyware, what the industry is anticipating and what are some of the targeted "next generational" threats that companies may want to know about? Would include Team Leaders of IT Security, Directors of IT/IS Security, CIO, CTO, CISO and CFO.
· SPACE IS LIMITED
· REGISTRATION IS REQUIRED
Please let us know if on-site team trainingat your facilities is of interest. Security Forensics ensures our courses are all-inclusive and cost effective by working within an organizations budget.
System Monitors
-
-Attack Vectors
-Technical Drill Down into Exposures at the Server, Client and Router levels
-Malware Breaches, Phishing Expeditions : Reverse Engineering Characteristics
-Buffer Overflow – Technical Drill Down - Stack functions (exploited executables)
-Advanced Keylogging schemes and drill down
Building Bots, Botnets and Zombie Hosts
-
-Autorooting (technical drill down into exploited vulnerabilities)
-Proxy Functions explained
-Web based command controls; Interloping (technical drill down)
-Port Redirects
-IRC Command Functions
-Malware Kill Processes (code analysis, reverse engineering)
-Packet Capturing
-Drive-by downloads and BHO’s
-RootKit: Technical drill down into the Kernel and Router levels
-Cloaking
-Data-Structure Manipulation
Methodologies and Wireless Phishing
-
-DNS Cache Poisoning
-Header Forgery; line-by-line deciphering
-Wireless Phishing Exposed (technical drill down and demonstration into Bluetooth, WinCE, RFID susceptibility)
-Next Generation attacks
Prevention
-
-Post Attack Incident Response and Planning
-IT Auditing
-Preserving Evidentiary Integrity
-Defining a Chain-of-Custody