Div0 WICS Workshop — Threat Hunting with YARA
Updated: Nov 30, 2021
With a constantly evolving threat landscape, it’s crucial for security specialists to keep their skills up to date. One of the most important skills to help combat cybercrime is the ability to quickly identify new malware compiled and used by attackers. YARA is a unique tool that helps security specialists recognise and classify malware samples. With the help of YARA, specialists can scan a collection of files against certain patterns and find similar malware samples. Running YARA rules on malware collections or on online multi-scanners such as VirusTotal can uncover new variants of previously known malware families. Even new and unknown malware can be identified through patterns of exploit code and vulnerable applications used in YARA rules.
In this workshop, we will learn how to write simple and sound YARA rules that can be used to identify malware families from a collection of files and to classify malware to assist the malware analysis process.
This is a 3-day workshop:
25 Jan 2022 (Tue), 5.30pm-7.30pm
26 Jan 2022 (Wed), 5.30pm-7.30pm
27 Jan 2022 (Thu), 5.30pm-7.30pm
To attend the workshop, you must commit to attending all 3 lessons.
The maximum capacity of this workshop is 15 pax.
This workshop will be conducted Live Online via Zoom. The Zoom link will be made available to selected registrants.
General knowledge of cyber threats
General knowledge of malware types
Basic understanding of the Portable Executable (PE) file structure
NOUSHIN SHABAB, Senior Security Researcher, is one of Kaspersky’s top cybersecurity experts. She lives in Australia and is a member of the Global Research & Analysis Team (GReAT), an elite group of more than 40 security experts. The team is well-known for the discovery and dissection of some of the world’s most sophisticated threats, including cyber-espionage and cyber-sabotage threats. Since taking up the role in 2016, Noushin’s research has focused on the investigation of advanced cybercriminal activities and targeted attacks, concentrating on local threats in the Asia Pacific region. Prior to joining Kaspersky, Noushin worked as a senior malware analyst and security software developer at Amnpardaz Software Co., focusing on rootkit analysis, detection techniques, and APT attack investigations. Noushin’s substantial background in the cybersecurity space is complemented by active involvement in the local and global cybersecurity community, regularly presenting at security conferences and events.
About Div0 Women In Cybersecurity (WICS)
Div0 WICS aims to develop a sustainable women cybersecurity talent pipeline through learning, training, community engagement and support.
Learn More: https://www.div0.sg/wics
Terms & Conditions
Code of Conduct: https://www.div0.sg/code-of-conduct