APR 12205 S Yukon Ave Glenpool, OK, 74033
THIS EVENT HAS BEEN POSTPONED to TBD DATE.
NCC Group's very own Michael Gough will be presenting a two-day course titled "Malware Discovery and Basic Analysis" at BSides Oklahoma on April 8-9, in addition to giving a presentation on April 10 titled "You need a PROcess to check your running processes and modules. The bad guys, and red teams are coming after them!" To learn more about his presentations, read below or visit https://www.bsidesok.com/.
Malware Discovery and Basic Analysis | April 8-9, 2020
This course focuses on performing fast triage: how to discover whether a system has malware, how to build a malware analysis lab, and how to perform basic malware analysis quickly. The concepts of Malware Management, Malware Discovery and Basic Malware Analysis will be discussed, with exercises linking the three concepts together.
You need a PROcess to check your running processes and modules. The bad guys, and red teams are coming after them! | April 10, 2020
If there is a file on disk, you can easily SEE the bad fu, but what if the malware is nowhere to be found on the disk? Malware can be broken up into several types; some call one of them “fileless malware” (a poor, nondescript term). The malware really isn’t fileless: the file, or code, lives somewhere, whether in the registry, the WMI database, or, the focus of this talk, in memory. This talk will focus on Memware that has been injected into memory, most likely injected into a process or added as a DLL, and that may not reside on disk while the system is running. Do you have a PROcess to detect, investigate, respond to, and/or hunt for Memware?