Aim: Create a PowerShell script that takes a suspected malicious file as input and generates a report on the file after applying the techniques outlined in the first 2 chapters of the book Practical Malware Analysis.
Unlike PMA, I will not be submitting to VirusTotal. In general it is not a good idea to upload straight to VT in case the file you are uploading contains identifying or sensitive information about your organization. …
Diving into the world of malware analysis is intimidating. I am compiling a list of resources I am using myself as I dive into this and hope they will be useful for others. This list is by no means authoritative or definitive and is a work in progress as I come across new resources.
This will not include any information on recommended background knowledge, but to get the most out of these resources you should have some familiarity with networking, programming and operating systems.
Practical Malware Analysis - https://nostarch.com/malware
MalwareBytes|So You Want To Be A Malware Analyst - https://blog.malwarebytes.com/security-world/2012/09/so-you-want-to-be-a-malware-analyst
vx-underground - https://vx-underground.org
FLARE VM is a fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing, etc., developed by FireEye. The setup is relatively straightforward, but since I am setting up a VM for myself I thought it would be worth documenting the process in case it is of use to anyone else doing the same.
We are in the middle of the worst pandemic since the Hong Kong flu 50 years ago. COVID-19 directly affects the lives of millions of people worldwide every day, throwing the patterns and routines of their lives into flux. As always, change brings opportunity; geopolitical forces continue to exert themselves while we self-isolate and will take advantage of these opportunities as they are discovered.
What doors are being opened? The most obvious are disinformation campaigns especially considering the upcoming US election, Hong Kong protests, rising tension between Taiwan and Mainland China, increased Scottish independence sentiment post-Brexit, among other current events…
False flags have always been a popular way to deflect responsibility for starting a conflict or to drag an ally into war; I will focus on the latter here.
I am going to outline a hypothetical scenario that draws on current and historical events to outline the potency that cyber operations could add to a false flag operation designed to draw an ally into war.