These articles and notes describe my perspective on malware threats and associated defensive techniques. Join the fight by learning how to combat malicious software.
Attackers have ramped up their efforts with a dangerous cocktail of social engineering, Web-based attacks and persistence. How will your organization stay ahead?
In the fight against malicious software, it's not enough to treat individual infected machines. Here's how to develop a malware strategy that protects an entire enterprise.
This list offers links to sites where malware researchers can download samples of malicious software. Be careful!
Examining the capabilities of malicious software allows your IT team to better assess the nature of a security incident, and may help prevent further infections. Here's how to set up a controlled malware analysis lab—for free.
This cheat sheet outlines tips and tools for reverse-engineering malicious documents, such as Microsoft Office (DOC, XLS, PPT) and Adobe Acrobat (PDF) files.
This note summarizes my recommendations for what to include in the report that describes the results of the malware analysis process.
Several organizations offer free on-line tools for looking up a potentially malicious website. Some of these tools provide historical information; others examine the URL in real time to identify threats.
Several organizations maintain and publish blocklists/blacklists of IP addresses and URLs of systems and networks suspected in malicious activities on-line. This brief note mentions several such publicly-available lists.
This brief note provides a listing of freely-available services that automate key behavioral analysis tasks for malicious software.
This article presents recommendations for addressing the risks associated with modern malware. Stopping malware requires an approach grounded in awareness and control.
This is a cheat sheet of shortcuts and tips for reverse-engineering malware. It covers the general malware analysis process, as well as useful tips for OllyDbg, IDA Pro, and other tools.
This article describes an approach to using VMware virtualization for setting up a malware analysis sandbox.
This paper defines a framework for using easily-accessible tools and a dual-phased approach to examine malware such as viruses, worms, and trojans.
This article examines the evolution of malicious agents by analyzing popular viruses, worms, and trojans, and detailing the possibility of a new breed of malicious software.
Copyright © 1995-2013 Lenny Zeltser. All rights reserved.
The information on this site does not necessarily represent positions or opinions of my employer.