Div0 Blog Editor

Div0 WICS Workshop — Threat Hunting with YARA

Updated: 20 hours ago

With a constantly evolving threat landscape, it’s crucial for security specialists to keep their skills up to date. One of the most important skills in combating cybercrime is the ability to quickly identify new malware compiled and used by attackers. YARA is a unique tool that assists security specialists in recognising and classifying malware samples. With the help of YARA, specialists can scan a collection of files against defined patterns and find related malware samples. By running YARA rules on malware collections or on online multi-scanners such as VirusTotal, new variants of previously known malware families can be found. Even new and unknown malware can be identified when the rules describe patterns from exploit code or from the vulnerable applications it targets.


In this workshop, we will learn how to write simple and sound YARA rules that can be used to identify malware families from a collection of files and to classify malware to assist the malware analysis process.
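To make the idea of "scanning a collection of files against patterns" concrete, here is a small Python illustration added to this write-up. It is not YARA itself and not workshop material from the instructor or Kaspersky: it is a toy matcher that understands a small subset of the YARA rule syntax (text strings, hex strings with `??` wildcards, and `and`/`or`/`not`, `any of them`, `all of them` conditions) and applies two constructed rules to three constructed in-memory "files". The rule names, the URL and the byte patterns are all made up for the example.

```python
"""Toy YARA-style scanner (added illustration, not the YARA engine). Supports a
small subset of the rule syntax: text strings, hex strings with ?? wildcards,
and conditions over string identifiers with and/or/not, any of them, all of them."""
import re
from dataclasses import dataclass

# Constructed rules; family names, URL and byte patterns are made up.
RULES_TEXT = r'''
rule Example_Downloader
{
    meta:
        description = "Constructed for illustration, not a real detection"
    strings:
        $mz  = { 4D 5A }
        $url = "http://update.example.invalid/payload"
        $api = "URLDownloadToFileA"
    condition:
        $mz and ($url or $api)
}

rule Example_CallPop_Stub
{
    strings:
        $mz   = { 4D 5A }
        $stub = { E8 ?? ?? ?? ?? 5D }
    condition:
        all of them
}
'''

# Constructed sample "files": an MZ header plus a few tell-tale bytes.
SAMPLES = {
    "sample_a.bin": b"MZ" + b"\x00" * 64 + b"URLDownloadToFileA\x00",
    "sample_b.bin": b"MZ" + b"\x00" * 16 + b"\xe8\x00\x00\x00\x00\x5d" + b"\x00" * 8,
    "sample_c.txt": b"a text file mentioning http://update.example.invalid/payload",
}

@dataclass
class Rule:
    name: str
    patterns: dict   # identifier -> compiled bytes regex
    condition: list  # condition tokens, evaluated by _Cond

TOKEN_RE = re.compile(r"\$\w+|any of them|all of them|\band\b|\bor\b|\bnot\b|[()]")

def _hex_to_regex(body: str) -> bytes:
    """Turn '4D 5A ?? 00' into a bytes regex; ?? becomes a one-byte wildcard."""
    return b"".join(b"." if tok == "??" else re.escape(bytes([int(tok, 16)]))
                    for tok in body.split())

def parse_rules(text: str) -> list:
    """Parse one or more rules from text into Rule objects."""
    rules = []
    for chunk in re.split(r"(?=\brule\s+\w+)", text):
        if not chunk.strip():
            continue
        name = re.match(r"rule\s+(\w+)", chunk.strip()).group(1)
        strings_body = chunk.split("strings:")[1].split("condition:")[0]
        condition_body = chunk.split("condition:")[1].split("}")[0]
        patterns = {}
        for ident, quoted, hexed in re.findall(
                r'(\$\w+)\s*=\s*(?:"([^"]*)"|\{([^}]*)\})', strings_body):
            pat = _hex_to_regex(hexed) if hexed else re.escape(quoted.encode())
            patterns[ident] = re.compile(pat, re.DOTALL)
        rules.append(Rule(name, patterns, TOKEN_RE.findall(condition_body)))
    return rules

class _Cond:
    """Recursive-descent evaluator: expr := term ('or' term)*,
    term := factor ('and' factor)*, factor := 'not' factor | '(' expr ')' | atom."""
    def __init__(self, tokens, matched, all_ids):
        self.toks, self.i, self.matched, self.all_ids = tokens, 0, matched, all_ids

    def _next(self):
        tok = self.toks[self.i] if self.i < len(self.toks) else None
        self.i += 1
        return tok

    def expr(self):
        value = self.term()
        while self.i < len(self.toks) and self.toks[self.i] == "or":
            self.i += 1
            value = self.term() or value   # always evaluate: tokens must be consumed
        return value

    def term(self):
        value = self.factor()
        while self.i < len(self.toks) and self.toks[self.i] == "and":
            self.i += 1
            right = self.factor()
            value = value and right
        return value

    def factor(self):
        tok = self._next()
        if tok == "not":
            return not self.factor()
        if tok == "(":
            value = self.expr()
            if self._next() != ")":
                raise ValueError("unbalanced parenthesis in condition")
            return value
        if tok == "any of them":
            return bool(self.matched)
        if tok == "all of them":
            return self.matched == self.all_ids
        if tok and tok.startswith("$"):
            return tok in self.matched
        raise ValueError(f"unexpected token {tok!r}")

def scan_bytes(rule: Rule, data: bytes) -> bool:
    """True if the rule's condition holds for this buffer."""
    matched = {ident for ident, rx in rule.patterns.items() if rx.search(data)}
    return _Cond(rule.condition, matched, set(rule.patterns)).expr()

def classify(rules: list, collection: dict) -> dict:
    """Map each file name to the list of rule names that match its contents."""
    return {fname: [r.name for r in rules if scan_bytes(r, data)]
            for fname, data in collection.items()}

RULES = parse_rules(RULES_TEXT)

if __name__ == "__main__":
    for fname, hits in classify(RULES, SAMPLES).items():
        print(f"{fname}: {hits or 'no match'}")
```

Running the script classifies `sample_a.bin` as `Example_Downloader`, `sample_b.bin` as `Example_CallPop_Stub`, and leaves `sample_c.txt` unmatched because it lacks the `MZ` header even though the URL string is present. That last case is the point of a "sound" rule: anchoring on a structural fact (the PE header) in addition to a string keeps a rule from firing on every document that merely mentions an indicator. The real YARA engine adds much more (string modifiers, `#count`/`@offset` operators, the `pe` module), but the scan-and-evaluate loop shown here is the same shape.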


This is a 3-day workshop:

  1. 25 Jan 2022 (Tue), 5.30pm-7.30pm

  2. 26 Jan 2022 (Wed), 5.30pm-7.30pm

  3. 27 Jan 2022 (Thu), 5.30pm-7.30pm

To attend the workshop, you must commit to attending all 3 lessons.


The maximum capacity of this workshop is 15 pax.


This workshop will be conducted Live Online via Zoom. The Zoom link will be made available to selected registrants.


Pre-requisites

  • General knowledge of cyber threats

  • General knowledge of malware types

  • Basic understanding of the Portable Executable (PE) file structure


Instructor

NOUSHIN SHABAB, Senior Security Researcher, is one of Kaspersky’s top cybersecurity experts. She lives in Australia and is a member of the Global Research & Analysis Team (GReAT), an elite group of more than 40 security experts. The team is well-known for the discovery and dissection of some of the world’s most sophisticated threats, including cyber-espionage and cyber-sabotage threats. Since taking up the role in 2016, Noushin’s research has focused on the investigation of advanced cyber criminal activities and targeted attacks, concentrating on local threats in the Asia Pacific region. Prior to joining Kaspersky, Noushin worked as a senior malware analyst and security software developer at Amnpardaz Software Co., focusing on rootkits analysis, detection techniques, and APT attack investigations. Noushin’s substantial background in the cybersecurity space is complemented with active involvement in the local and global cyber security community, regularly presenting at security conferences and events.


About Div0 Women In Cybersecurity (WICS)

Div0 WICS aims to develop a sustainable women cybersecurity talent pipeline through learning, training, community engagement and support.


Learn More: https://www.div0.sg/wics

