Organizations Rarely Report Breaches to Law Enforcement
Meanwhile, FBI says it’s making the process more private and more of a two-way street
View full post on DarkReading – All Stories
In this podcast, Laura Heather, Marketing Manager for Infosecurity Europe gives an update on this year's event, which will be opening its doors on the 27th of April in Earls Court, London.
Heather …
View full post on Help Net Security – News
Product Description
Students will master the objectives for the new MCSE exam # 70-298….
70-298: MCSE Guide to Designing Security for Microsoft Windows Server 2003 Network
Microsoft released an emergency IE patch on Tuesday after deciding that an upswing in hacking attacks targeting a zero-day vulnerability in IE 6 and 7 couldn’t wait for the next scheduled edition of Patch Tuesday, due on 13 April.…
View full post on The Register – Security
In the malware analysis world, you have to have the tools that you feel most comfortable using; otherwise, a task that could be
accomplished in 10 minutes would take hours.
But sometimes, finding the right tool for the task can be quite a challenge. This is one of the reasons that I decided to create a site,
called www.mysectools.com, where I am able to share some tools that were quite valuable in my day-to-day malware analysis tasks.
Now, I would like to comment on two tools that I was recently introduced to.
The first one is not directly related to malware analysis (at least in concept), since it is more of a development tool. It is called
WinAPIOverride32.
It is actually a package/suite with 3 different tools, but the one that I like most is dumper.exe, because sometimes you want more
than just a click-and-dump application. This one gives you the freedom to choose what/how you want to dump a module, for example.
The second one is an anti-rootkit tool called XueTr, which honestly I didn't try
outside a controlled environment (vmware, etc…).
This is another quite powerful tool, which at some points reminds me of IceSword, which, if you don't know it, I would recommend checking out.
Happy Malware Analysis!
—————————————————————-
Pedro Bueno (pbueno /%%/ isc. sans. org)
Twitter: http://twitter.com/besecure
www.mysectools.com
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
View full post on SANS Internet Storm Center, InfoCON: green