Upload File

a deeper level of malware inspection

1
Deeper Inspection. Better Threat Protection. Better threat protection starts with McAfee® Advanced Threat Defense. Experience fewer data breaches Reduce malware damage and clean-up costs Enhance security vigilance throughout the enterprise Malware is becoming more complicated, covert, and clever, and your threat defense needs to be able to respond with the same kind of cunning. Find out how to bolster your defenses at www.mcafee.com/ATD. Super charge your security defenses with McAfee Advanced Threat Defense. The combination of sandboxing and static code analysis can spot even the stealthiest malware. Stealthy malware can slip past your intrusion prevention system, gateway, and firewall. Take action automatically. McAfee is your best defense against elusive threats. Integrated security solutions—from network to endpoint—automatically freeze threats exposed by McAfee® Advanced Threat Defense. Sandboxing observes behavior and identifies malicious activity. But it can’t catch everything. Static code analysis strips stealthy code of its disguise. BLOCK FUTURE MALWARE INSTANCES BLOCK ENDPOINT MALWARE INSTALLATIONS STOP COMMAND AND CONTROL COMMUNICATIONS QUARANTINE COMPROMISED SYSTEMS Unpack malicious code Analyze disassembled code Reverse engineer exposed code to recover assembly code Make associations among malware families Find anomalies deep within files Hunt hidden and latent code PROCESS OPERATIONS NETWORK OPERATIONS RUN-TIME DLLS FILE OPERATIONS VIRTUAL ENVIRONMENT DETECTION DELAYED EXECUTION HIDDEN AND LATENT CODE OBFUSCATED FILES © 2014 McAfee, Inc. 61124info_atd-sneaky-malware_0614 The information in this document is provided only for educational purposes and for the convenience of McAfee customers. The information contained herein is subject to change without notice, and is provided “AS IS” without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance. McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Intel is a trademark of Intel Corporation in the U.S. and/or other countries. Other names and brands may be claimed as the property of others.

Upload: mcafee

Post on 16-Apr-2017

1.870 views

Category:

Technology


0 download

Report

TRANSCRIPT

Page 1: A Deeper Level of Malware Inspection

Deeper Inspection. Better Threat Protection.

Better threat protection starts with McAfee® Advanced Threat Defense.

Experience fewer data breaches

Reduce malware damage and clean-up costs

Enhance security vigilance throughout the enterprise

Malware is becoming more complicated, covert, and clever, and your threat defense needs to be able to respond with the same kind of cunning.

Find out how to bolster your defenses at www.mcafee.com/ATD.

Super charge your security defenses with McAfee

Advanced Threat Defense. The combination of

sandboxing and static code analysis can spot

even the stealthiest malware.

Stealthy malware can slip past your

intrusion prevention system, gateway,

and firewall.

Take action automatically.

McAfee is your best defense against elusive threats.

Integrated security solutions—from network to endpoint—automatically freeze threats exposed by McAfee® Advanced Threat Defense.

Sandboxing observes behavior and identifies malicious activity.

But it can’t catch everything.

Static code analysis strips stealthy code of its disguise.

BLOCK FUTURE MALWARE INSTANCES

BLOCK ENDPOINT MALWARE INSTALLATIONS

STOP COMMAND AND CONTROL COMMUNICATIONS

QUARANTINE COMPROMISED SYSTEMS

Unpack malicious code

Analyze disassembled code

Reverse engineer exposed code

to recover assembly code

Make associations among malware

families

Find anomalies deep within files

Hunt hidden and latent code

PROCESS OPERATIONS

NETWORKOPERATIONS

RUN-TIME DLLS

FILE OPERATIONS

VIRTUAL ENVIRONMENT

DETECTION

DELAYEDEXECUTION

HIDDEN AND LATENT CODE

OBFUSCATED FILES

© 2014 McAfee, Inc.61124info_atd-sneaky-malware_0614

The information in this document is provided only for educational purposes and for the convenience of McAfee customers. The information contained herein is subject to change without notice, and is provided “AS IS” without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance.

McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Intel is a trademark of Intel Corporation in the U.S. and/or other countries. Other names and brands may be claimed as the property of others.

Practical Malware Analysis: Ch 11: Malware Behavior

Malware - Northern Kentucky University · Malware detection. 2. Theory of malware. 3. ... target backdoors and worm flaws. ... Malware factories . are software and processes to

Digging Deeper Into Deep Packet Inspection (DPI)

Introduction to Mobile Malware. Outline ➢ Introduction ➢ Types of Malware ➢ Malware examples ➢ How Malware Spreads ➢ Prevention ➢ AndroRAT Hands-on Lab

DEEPER CITY Collective Intelligence Deeper City

Ch 12: Covert Malware Launching - samsclass.info · Practical Malware Analysis Ch 12: Covert Malware Launching Last revised: 4-10-17. Hiding Malware • Malware used to be visible

Malware Analysis Without Looking At Assembly Codegauss.ececs.uc.edu/Courses/c5155/pdf/malware-analysis.pdf · 2015. 11. 20. · Malware Analysis Malware typically employs encryption:

An Introduction To Keyloggers, RATS And Malware€¦ · Malware Malware has been a problem for ages, Malware is short form of malicious software. A Malware is basically a program

MALWARES MALWARE REVIEWED ISE DE Malware Reviewed · MALWARES There are public reports about spreading of malware named as ServHelper malware. It is a backdoor malware used by attacker

Malware and anti-malware (fun with Trojans) - Z. …z.cliffe.schreuders.org/edu/FS/Malware and anti-malware... · 2014-04-02 · Malware and anti-malware (fun with Trojans) ... with

Achieve deeper network security and application controlgu.dimensionsystems.com/wp-content/uploads/2017/07/... · system (IPS), real-time decryption and inspection of SSL sessions,

Computer Virology and Mobile Malware Detection · 2019-03-14 · Outline •Introduction •Computer Virology • Malware taxonomy • Encrypted malware •Malware Detection •Mobile

Reversing malware analysis trainingpart9 advanced malware analysis

Intrusion Detection and Malware Analysis - Malware analysis · Intrusion Detection and Malware Analysis Malware analysis Pavel Laskov Wilhelm Schickard Institute for Computer Science

Threat Bulletin Fileless Malware The Stealth Attacker · Threat Bulletin See. Control. Secure. Fileless Malware - The Stealth Attacker Fileless malware (FM), aka “non-malware”,

Malware Detection with Malware Images using …cosc.canterbury.ac.nz/research/reports/HonsReps/2018/...Malware Detection with Malware Images using Deep Learning Techniques by Ke HE

Intrusion Detection and Malware Analysis - Malware collection

Malware Analysis and Antivirus Technologies: Kernel Malware & A Look at Malware … · 2011-08-16 · Malware Analysis and Antivirus Technologies: Kernel Malware & A Look at Malware

Reversing malware analysis training part8 malware memory forensics

Malware Analysis Workshop June 5, 2012 - CCDCOE · Malware Analysis Workshop June 5, 2012 ... •Malware Analysis methods ... •Some malware doesnt run in Norman Sandbox

Metamorphic Malware 1 Metamorphic Malware Research

A Deeper Look at Malware The Whole Story · • The real detection rate and latest ... Mobile, Linux, Phish: 4% • 2006 Windows Executable (IM-worm, Email-worm, Spyware, Trojan,

Malware & Anti-Malware

Malware Slums: Measurement and Analysis of Malware on ...homepage.cs.uiowa.edu/~mshafiq/files/malware... · Malware Slums: Measurement and Analysis of Malware on Traffic Exchanges

Chapter 8 Malware - FTMS · – Boot virus – Logic Bomb virus – Directory virus – Resident virus. CSCA0101 Computing Basics 8 Malware Types of Malware ... Malware Types of Malware

Using optimization algorithms for malware deobfuscationsigurnost.zemris.fer.hr/ns/malware/2010_spasojevic/Diplomski_Spasojevic.pdf · Using optimization algorithms for malware deobfuscation

THE EVOLUTION OF MALWARE & FUTURE MALWARE MITIGATION

Detecting malware even when it is encrypted - OWASP...Detecting malware even when it is encrypted František Střasák [email protected] @FrenkyStrasak ... TLS inspection can use

Cisco Firepower Threat Defense · malware inspection. Then, optimize malware policies for the specific flow required. For example, if the flow requires you to inspect FTP traffic

Special Events 2018/2019 Growing Deeper Growing deeper

The power of cyber protection fileCyBrave Certified Malware Analysis Investigator (CCMAI|CCMAIE) Malware Analysis Investigator Entry Level Malware Analysis Investigator Malware Analysis

Malware and Anti-Malware Seminar by Benny Czarny

Part 4: Malware Functionality Chapter 11: Malware Behavior Chapter 12: Covert Malware Launching Chapter 13: Data Encoding Chapter 14: Malware-focused Network

Backdoor.Proxybox Russian Hackers, Proxy Resellers and ... · •Deeper Investigation –Malware was actually a SOCKS proxy –Passing PPC traffic from ... –Private Registration

DEEPER: An integrative platform for deeper roots