'''Malware''' is a short version of '''Malicious Software'''.

Malware is software used for data theft, device damage, harassment, etc. It is very similar to computer malware. It installs things such as trojans, worms, and botnets on the affected device. It is illegal to knowingly distribute malware.
== Virus ==
A computer program that can automatically copy itself and infect a computer.
== Worm ==
A self-replicating computer program that can automatically infect computers on a network.
== Trojan horse ==
A computer program which appears to perform a certain action, but actually performs many different forms of code.
== Spyware ==
A computer program that can automatically intercept or take partial control over the user's interaction.
== Exploit Kit ==
A toolkit that automates the exploitation of client-side vulnerabilities, targeting browsers and programs that a website can invoke through the browser [http://blog.zeltser.com/post/1410922437/what-are-exploit-kits]. Exploit kits often utilize a drive-by-download.
=== Drive-by-download ===
Any download that happens without a person's knowledge [http://en.wikipedia.org/wiki/Drive-by_download].
== Rootkit ==
A rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to an operating system.
== See Also ==
* [[Malware analysis]]
== External Links ==
* [http://en.wikipedia.org/wiki/Malware Wikipedia: malware]
* [http://en.wikipedia.org/wiki/Drive-by_download Wikipedia: drive-by-download]
* [http://www.viruslist.com/ Viruslist.com]
* [http://code.google.com/p/androguard/wiki/DatabaseAndroidMalwares Androguard]: A list of recognized Android malware
=== Analysis ===
* [http://sempersecurus.blogspot.ch/2013/12/a-forensic-overview-of-linux-perlbot.html A Forensic Overview of a Linux perlbot], by Andre M. DiMino, December 17, 2013
* [http://research.zscaler.com/2014/02/probing-into-flash-zero-day-exploit-cve.html Probing into the Flash Zero Day Exploit (CVE-2014-0502)], by Krishnan Subramanian, February 21, 2014
=== Exploit Kit ===
* [http://blog.zeltser.com/post/1410922437/what-are-exploit-kits What Are Exploit Kits?], by [[Lenny Zeltser]], October 26, 2010
* [http://nakedsecurity.sophos.com/2013/07/02/the-four-seasons-of-glazunov-digging-further-into-sibhost-and-flimkit/ The four seasons of Glazunov: digging further into Sibhost and Flimkit], by Fraser Howard, July 2, 2013
* [http://www.kahusecurity.com/2013/kore-exploit-kit/ Kore Exploit Kit], Kahu Security blog, July 18, 2013
=== Rootkit ===
* [http://en.wikipedia.org/wiki/Rootkit Wikipedia: Rootkit]
* [http://articles.forensicfocus.com/2013/11/22/understanding-rootkits/ Understanding Rootkits: Using Memory Dump Analysis for Rootkit Detection], by Dmitry Korolev, Yuri Gubanov, Oleg Afonin, November 22, 2013
Latest revision as of 09:14, 21 March 2014