Malware self protection-matrix

•Als PPTX, PDF herunterladen•

6 gefällt mir•869 views

In this Malware's Most Wanted, Cyphort Lab's Marion Marschalek will shed light on malware self-protection. The audience will get an overview of how malware evasion evolved over the years and how malware defense evolved with it, or vice versa as it occasionally happens in the digital arms race. The various observed anti-analysis tricks will be put in relation to the respective counter measures in order to showcase challenges of modern day security products. Marion recently won a speaking contest at Komintern Sect in Stockholm.

Technologie

The Malware Self-Protection Matrix
Marion Marschalek
Senior Malware Researcher at Cyphort Labs

Your speakers today
Marion Marschalek
Senior Malware Researcher
Cyphort Labs
Shelendra Sharma
Product Marketing Director

Agenda
o Malware detection evolution
o Malware self-protection
o Wrap-up and Q&A
CyphortLabsT-shirt

Threat Monitoring &
Research team
________
24X7 monitoring for
malware events
________
Assist customers with
their Forensics and
Incident Response
We enhance malware
detection accuracy
________
False positives/negatives
________
Deep-dive research
We work with the
security ecosystem
________
Contribute to and learn
from malware KB
________
Best of 3rd Party threat
data

A Digital
Threat
History
http://www.hdbackgroundpoint.com
VIRUS
EXPLOIT
WORM
TROJAN
MULTI-COMPONENT
MALWARE
ADWARE ROOTKIT
SPYWARE
APT
TARGETED
THREAT
SURVEILLANCE
SOFTWARE
INSIDE
THREAT

Checksums
Byte Patterns
Behavior Patterns
Static / Dynamic Heuristics
Whitelisting
Anomalies
Network Streams
Cloud Protection

Virus
Detection
Signature
Product
Computer
Server

Malware Self-Protection
Debugging
Disassembly
Static
Emulation
Sandboxing
Reputation
Anomalies
12
 Debugger detection, sub-processes, thread injection
 Obfuscation
 Packer and crypter
 Emulator detection, time based evasion
 VM detection, modular malware
 Binary updates, targeted malware
 Binary padding, use of legitimate tools

Gladly, most threats make mistakes themselves.

ZEUS
why can‘t
detection
work
%APP%Uwirpa 10.12.2013 23:50
%APP%Woyxhi 10.12.2013 23:50
%APP%Hibyo 19.12.2013 00:10
%APP%Nezah 19.12.2013 00:10
%APP%Afqag 19.12.2013 23:29
%APP%Zasi 19.12.2013 23:29
%APP%Eqzauf 20.12.2013 22:23
%APP%Ubapo 20.12.2013 22:23
%APP%Ydgowa 20.12.2013 22:23
%APP%Olosu 20.12.2013 23:03
%APP%Taal 20.12.2013 23:03
%APP%Taosep 20.12.2013 23:03
%APP%Wokyco 16.01.2014 13:22
%APP%Semi 17.01.2014 16:34
%APP%Uheh 17.01.2014 16:34

Persistence Mechanisms
File Names
Network Connection
Big Picture Detection &
Combination Static/Dynamic Features
SILVER BULLET ...?

Virtual Machine Code Execution
handler13:
ExitProcHresult
...
handler14:
ExitProc
...
handler15:
ExitProcI2
...
... FC C8 13 76 ...

Various packer layers – no static detection
Static detection won‘t work
Reputation & Metadata Features
SILVER BULLET ...?

EXPLOITATION
http://themovieandme.blogspot.com/

Endpoint protection built to detect
repetitive patterns of evil.
Exploit = system corruption
Exploit vs. vulnerability
http://www.wikipedia.com/

TYPICAL DRIVE-BY INFECTION
o hxxp://www.insertyourwebsitehere.com/js/responsive/min/main-
b87ba20746a80e1104da210172b634c4.min.js
o hxxp://stat.litecsys.com/d2.php?ds=true&dr=2711950755
o hxxp://vstat.feared.eu/pop2.php?acc=%7E%BE%CE%F5%01%8D%AC
%B2%26%C6%DC%5B%E7n4%D0%16%A3L%99%03%BB%D8%08&nrk
=5992423910
o hxxp://g12z4pj3k4k9y4wd517-
ll6.dienami.ru/f/1398361080/5/x007cf6b534e5208040904070007000
80150050f0304045106565601;1;5
o BOOM.

hxxp://www.insertyourwebsitehere.com/js/responsive/
min/main-b87ba20746a80e1104da210172b634c4.min.js
TYPICAL DRIVE-BY INFECTION

hxxp://stat.litecsys.com/d2.php?ds=true&dr=2711950755
TYPICAL DRIVE-BY INFECTION

hxxp://vstat.feared.eu/pop2.php?acc=%7E%BE%CE%F5%01%8D%AC%B2
%26%C6%DC%5B%E7n4%D0%16%A3L%99%03%BB%D8%08&
nrk=5992423910
IE 6, 7, 8 or 9, 10, 11
TYPICAL DRIVE-BY INFECTION

hxxp://g12z4pj3k4k9y4wd517-
ll6.dienami.ru/f/1398361080/5/x007cf6b534e5208
04090407000700080150050f0304045106565
601;1;5
TYPICAL DRIVE-BY INFECTION

(There is none.)
Patching, patching and more patching
An exploit will seldom come alone!
SILVER BULLET ...?

VISIBILITY – KNOW HOW – ACTIONABILITY
LURE
EXPLOIT
INFECT
CALL
HOME
STEAL
DATA
Follow the
kill chain

Weitere ähnliche Inhalte

Was ist angesagt?

We have talked about the recent ransomware resurgence and now Cyphort Labs wants to spend some timer on one of the most effective methods of delivering ransomware and that is exploit kits. In this edition of MMW, Nick Bilogorskiy, Senior Director of Threat Operations at Cyphort, will cover: The evolution of exploit kits such as Angler, Nuclear, Rig and Neutrino Show real examples of drive-by exploits in popular websites discovered in our crawler Examine the relationship between exploits, kits and payload

MMW June 2016: The Rise and Fall of Angler

Marci Bontadelli

Banking or Financial Trojans are already notorious because they have been around for a while, and they count both consumers and financial institutions among their victims. To help better defend against this class of malware, we share analyses of some recent families of financial Trojans. Nick Bilogorskiy, Cyphort's Director of Security Research, looks at the specific characteristics associated with a financial Trojan in terms of distribution channel, armoring behavior, attack payload, actors, etc in this presentation.

Malware's Most Wanted: Financial Trojans

Cyphort

APTs are known to use advanced Techniques, Tactics, and Procedures (TTP), including advanced malware design with protection layers, sandboxing evasion, and lateral movement inside penetrated networks to seek out high value targets. In this webinar, Nick Bilogorskiy of Cyphort Labs will review various lateral movement techniques and methods used by advanced threats in the past. He will look at some APT samples, e.g. Shamoon, in detail to show the specific steps in the lateral movement by the malware. Understanding the lateral movement of APT should help security defenders to better select and implement protection solutions.

Understanding Malware Lateral Spread Used in High Value Attacks

Cyphort

Marion Marschalek speaks about Linux and Internet of things Malware. Occasionally we see samples coming out of our pipe which do not fit with the stream of malware, such as clickjackers, banking Trojans and spybots. These exotic creatures are dedicated to target platforms other than the Windows operating system. While they make up for a significantly smaller portion than the load of Windows malware, Cyphort labs has registered a rise in Linux and Internet of Things Malware (IoT) malware. A number of different families has been seen. But what is their level of sophistication and the associated risk? This webinar provides an overview of Linux and IoT malware that Cyphort labs has spotted in the wild and gives an insight into the development of these threats and the direction they are taking.

Malware's Most Wanted: Linux and Internet of Things Malware

Cyphort

Cyphort Labs presents "Malware's Most Wanted: Ransomware Resurgence: Locky and Other “New Cryptolockers” Like many viruses, botnets and malware families that we’ve seen over the past decade, hackers continue to find new ways of reinventing old threats. And this is no different for Ransomware. Ransomware has come a long way from non-encrypting lockscreen FBI scare warnings like Reveton. In 2016 alone, there have been new ransomware families popping up and we expect that to only pick up steam over the summer. In this edition of MMW, Nick Bilogorskiy, Senior Director of Threat Operations at Cyphort, will discuss: Locky, the new “it” ransomware and how it works A deep dive into a new family of ransom locker discovered by Cyphort Labs in March, that uses TOR Hidden Service Other new ransomware families and why it’s becoming the preferred monetization method for attackers

MMW April 2016 Ransomware Resurgence

Cyphort

Secretary Johnson called the attack on Sony Pictures Entertainment “an attack on our freedom of expression and way of life.” In this MMW session, we dissect Destover malware, responsible for more than 100 terabytes of stolen data from Sony Pictures Entertainment. Added bonus: MMW Watch List of 2014 We will summarize the “most wanted” of the year 2014, including Backoff, the POS malware, and Zberp, the financial Trojan.

Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.

Cyphort

Dissecting Cryptowall

Cyphort

In the digital age, one of the most effective ways to gather data and information about a potential enemy state is by infiltrating their ranks with malware. This webinar takes a deep drive into advanced persistent threat attacks performed by nation states. We will discuss various actors, government sponsored hackers, such as Duke, Bear, and Panda. Then we will look at malware created, like Regin, Elise, Flame, Equation Group, Babar, OnionDuke, and Dark Hotel.

Cyber espionage nation state-apt_attacks_on_the_rise

Cyphort

MMW Anti-Sandbox Techniques

Cyphort

Malware Evasion Techniques

Thomas Roccia

42 - Malware - Understand the Threat and How to Respond

Thomas Roccia

Sophos Day Belgium - The IT Threat Landscape and what to look out for

Sophos Benelux

Wannacry | Technical Insight and Lessons Learned

Thomas Roccia

BSides IR in Heterogeneous Environment

Stefano Maccaglia

CSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac

NCCOMMS

Ник расскажет про типичный день антивирусного специалиста в Кремниевой Долине. Про то, как компании борются с хакерскими атаками. Он расскажет свою историю про то, как работал в Фейсбуке, как туда попасть и какой опыт эта компания даёт. Расскажет про Cyphort, и антивирусы нового поколения. И он поделится новыми трендами кибербезопасности.

Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...

HackIT Ukraine

Top 10 exploited vulnerabilities 2019 (thus far...)

Jonathan Cran

The CryptoLocker Malware encrypts certain files with a private key and demands payment to regain access to the files. Nick Bilogorskiy, Director of Security Research, presents this deep dive into CryptoLocker and looks at the latest information around what is called one of the two most sophisticated and destructive forms of malicious software in existence. (The other being Gameover Zeus.) Malware’s Most Wanted is a monthly series to inform IT security professionals on the details of the most dangerous advanced persistent threats. Attendees receive a special edition t-shirt.

Malware's Most Wanted: CryptoLocker—The Ransomware Trojan

Cyphort

CoinMiners are on the rise, trending so high that in the last couple of month they almost completely replaced ransomware in both media and the research community. Unlike ransomware which profit from rapid encryption of user’s data taken hostage, CoinMiners profit comes from high jacking computer resources. As long as the CoinMiner stays undetected and stealth, the higher its author profit. In this talk we will focus on the unexplored territory of CoinMiner evasive maneuver and functionality to avoid getting found by its victims and provide tactics and tools to combat them.

CoinMiners are Evasive - BsidesTLV

Thomas Roccia

Was ist angesagt? (19)

MMW June 2016: The Rise and Fall of Angler

Malware's Most Wanted: Financial Trojans

Understanding Malware Lateral Spread Used in High Value Attacks

Malware's Most Wanted: Linux and Internet of Things Malware

MMW April 2016 Ransomware Resurgence

Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.

Dissecting Cryptowall

Cyber espionage nation state-apt_attacks_on_the_rise

MMW Anti-Sandbox Techniques

Malware Evasion Techniques

42 - Malware - Understand the Threat and How to Respond

Sophos Day Belgium - The IT Threat Landscape and what to look out for

Wannacry | Technical Insight and Lessons Learned

BSides IR in Heterogeneous Environment

CSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac

Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...

Top 10 exploited vulnerabilities 2019 (thus far...)

Malware's Most Wanted: CryptoLocker—The Ransomware Trojan

CoinMiners are Evasive - BsidesTLV

Ähnlich wie Malware self protection-matrix

Zbot + Carberp = Zberp, an online banking trojan that is reported to have impacted 450 financial institutions around the world in the first month since discovery. In addition to its malicious capabilities, the Zberp Trojan uses a combination of evasion techniques that it inherited from both the Zeus, also known as Zbot, and Carberp. Add in the ‘invisible persistence’ feature and you have one nasty piece of malware.

Malware's most wanted-zberp-the_financial_trojan

Cyphort

Threat Hunters

infosec train

Cyber Security protection by MultiPoint Ltd.

Ricardo Resnik

What Role Do Zero-Day Vulnerabilities Play In Modern Security Solutions?

Rion Technologies

Symantec cyber-resilience

Symantec

Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski

Kaseya

Declaration of Mal(WAR)e

NetSPI

Endpoints are everywhere, and endpoint security is evolving. Endpoints also remain the most attractive target for hackers as a point of entry for attacks because they’re connected to the weakest link in enterprise data protection: humans. View the SlideShare to learn: --Why evolving threats require increased endpoint defense capabilities. --What organizations can do to protect against known and unknown threats, while reducing manual processes for administrators. --The primary capabilities of endpoint detection and response (EDR) tools, and how you can find the right fit for your business. --Where your organization sits on the endpoint security maturity scale. --Keys to maturing your endpoint security strategy. A new generation of products and services is helping organizations keep pace with modern threats and advance beyond traditional, prevention-oriented endpoint protection to a more comprehensive — and realistic — focus on detection and incident response.

Maturing Endpoint Security: 5 Key Considerations

Sirius

Malware detection how to spot infections early with alien vault usm

AlienVault

The Modern Malware Review March 2013

- Mark - Fullbright

Problems With Battling Malware Have Been Discussed, Moving...

Deb Birch

Office 365 has garnered widespread adoption from enterprises due to its advantages such as ease of deployment, lower TCO, and high scalability. Additionally, it enables end-users to work and collaborate from anywhere and on any device. Although Office 365 enables IT to shift the burden for app and infrastructure to the cloud vendor, data security remains the responsibility of the enterprise. Given the limitations of native malware protection on Office 365, should the enterprise rely on Office 365 to protect their data from malware and ransomware? Join Bitglass and Cylance for a discussion on malware protection solutions for Office 365. We will cover the limitations of native Office 365 malware protection as well as the benefits of AI and machine learning based approaches. We will wrap up the session by discussing how CASBs, with Advanced Threat Protection (ATP) capabilities, are uniquely positioned to protect cloud apps and end-points from malware attacks and proliferation.

Security O365 Using AI-based Advanced Threat Protection

Bitglass

Automated Emerging Cyber Threat Identification and Profiling Based on Natural Language Processing. Shakas Technologies ( Galaxy of Knowledge) #11/A 2nd East Main Road, Gandhi Nagar, Vellore - 632006. Mobile : +91-9500218218 / 8220150373| land line- 0416- 3552723 Shakas Training & Development | Shakas Sales & Services | Shakas Educational Trust|IEEE projects | Research & Development | Journal Publication | Email : info@shakastech.com | shakastech@gmail.com | website: www.shakastech.com Facebook: https://www.facebook.com/pages/Shakas-Technologies

Automated Emerging Cyber Threat Identification and Profiling Based on Natural...

Shakas Technologies

Unveiling the Shadows: A Comprehensive Guide to Malware Analysis for Ensuring...

cyberprosocial

Cyber Security Conference - Microsoft public sector incident response and re...

Microsoft

201512 - Vulnerability Management -PCI Best Practices - stepbystep

Allan Crowe PCIP

The modern-malware-review-march-2013

Комсс Файквэе

OSB50: Operational Security: State of the Union

Ivanti

Why managed detection and response is more important now than ever

G’SECURE LABS

Ransomware is a strategy for adversaries to make money – a strategy that’s proven successful. During this presentation, we will cover how ransomware works, ransomware trends to watch, best practices for prevention, and more. At the core of the discussion, Scott will explain how to build detections for common tactics, techniques, and procedures (TTPs) used by ransomware families and how to validate they work, ongoing, as part of the larger security program. Participants will leave this webinar with actionable advice to ensure their organization is more resilient to ever-evolving ransomware attacks.

How to Build and Validate Ransomware Attack Detections (Secure360)

Scott Sutherland

Ähnlich wie Malware self protection-matrix (20)

Malware's most wanted-zberp-the_financial_trojan

Threat Hunters

Cyber Security protection by MultiPoint Ltd.

What Role Do Zero-Day Vulnerabilities Play In Modern Security Solutions?

Symantec cyber-resilience

Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski

Declaration of Mal(WAR)e

Maturing Endpoint Security: 5 Key Considerations

Malware detection how to spot infections early with alien vault usm

The Modern Malware Review March 2013

Problems With Battling Malware Have Been Discussed, Moving...

Security O365 Using AI-based Advanced Threat Protection

Automated Emerging Cyber Threat Identification and Profiling Based on Natural...

Unveiling the Shadows: A Comprehensive Guide to Malware Analysis for Ensuring...

Cyber Security Conference - Microsoft public sector incident response and re...

201512 - Vulnerability Management -PCI Best Practices - stepbystep

The modern-malware-review-march-2013

OSB50: Operational Security: State of the Union

Why managed detection and response is more important now than ever

How to Build and Validate Ransomware Attack Detections (Secure360)

Mehr von Cyphort

MMW June 2016: The Rise and Fall of Angler

Cyphort

Machine learning is a powerful tool with many well-suited applications for malware detection, classification, and risk quantification. Despite its reputation as a "black box" component to an enterprise security solution, designing a robust machine learning model for malware detection is an involved process: its success hinges on understanding the problem you're trying to solve, the underlying data you utilize, and most importantly, its limitations. In this Malware Most Wanted session, we analyze working models discuss the strengths, pitfalls, and high-level trade-offs of using machine learning for successful malware detection.

Machine learning cyphort_malware_most_wanted

Cyphort

Mmw anti sandbox_techniques

Cyphort

Mmw anti sandboxtricks

Cyphort

If you have three wishes

Cyphort

The A and the P of the T

Cyphort

Malware's Most Wanted: How to tell BADware from adware

Cyphort

Zeus Dissected

Cyphort

ISC2014 Beijing Keynote

Cyphort

Malware's Most Wanted (MMW): Backoff POS Malware

Cyphort

Cyphort Labs has discovered an extensive data theft campaign that we have named NightHunter. The campaign, active since 2009, is designed to steal login credentials of users. Targeted applications include Google, Yahoo, Facebook, Dropbox and Skype. Attackers have many options to leverage the credentials and the potential for analyzing and correlating the stolen data to mount highly targeted, damaging attacks.

Malware’s Most Wanted: NightHunter. A Massive Campaign to Steal Credentials R...

Cyphort

Web browser vulnerabilities remain a fertile ground for hackers to harvest and mount attacks. Latest vulnerabilities found in Internet Explorer and urgent response from Microsoft highlights the fact that despite end of life announcements for old and less secure products, millions of users remain exposed to threats. Web browser attacks and how the vulnerabilities are exploited How CVE-2014-1776 impacts you Finding and dissecting active attacks How to mitigate impacts of browser vulnerability based attacks

Digging deeper into the IE vulnerability CVE-2014-1776 with Cyphort

Cyphort

Mehr von Cyphort (12)

MMW June 2016: The Rise and Fall of Angler

Machine learning cyphort_malware_most_wanted

Mmw anti sandbox_techniques

Mmw anti sandboxtricks

If you have three wishes

The A and the P of the T

Malware's Most Wanted: How to tell BADware from adware

Zeus Dissected

ISC2014 Beijing Keynote

Malware's Most Wanted (MMW): Backoff POS Malware

Malware’s Most Wanted: NightHunter. A Massive Campaign to Steal Credentials R...

Digging deeper into the IE vulnerability CVE-2014-1776 with Cyphort

Kürzlich hochgeladen

DBX First Quarter 2024 Investor Presentation

Dropbox

Following the popularity of “Cloud Revolution: Exploring the New Wave of Serverless Spatial Data,” we’re thrilled to announce this much-anticipated encore webinar. In this sequel, we’ll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you’re building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Mcleodganj Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Mcleodganj Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Mcleodganj Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

WSO2

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Victor Rentea

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Bhuvaneswari Subramani

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

Kürzlich hochgeladen (20)

DBX First Quarter 2024 Investor Presentation

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

[BuildWithAI] Introduction to Gemini.pdf

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

MS Copilot expands with MS Graph connectors

How to Troubleshoot Apps for the Modern Connected Worker

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Platformless Horizons for Digital Adaptability

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Elevate Developer Efficiency & build GenAI Application with Amazon Q

FWD Group - Insurer Innovation Award 2024

Corporate and higher education May webinar.pptx

Malware self protection-matrix

2. The Malware Self-Protection Matrix Marion Marschalek Senior Malware Researcher at Cyphort Labs

3. Your speakers today Marion Marschalek Senior Malware Researcher Cyphort Labs Shelendra Sharma Product Marketing Director

4. Agenda o Malware detection evolution o Malware self-protection o Wrap-up and Q&A CyphortLabsT-shirt

5. Threat Monitoring & Research team ________ 24X7 monitoring for malware events ________ Assist customers with their Forensics and Incident Response We enhance malware detection accuracy ________ False positives/negatives ________ Deep-dive research We work with the security ecosystem ________ Contribute to and learn from malware KB ________ Best of 3rd Party threat data

6. HOW DO YOU FIND http://1ms.net/

7. A Digital Threat History http://www.hdbackgroundpoint.com VIRUS EXPLOIT WORM TROJAN MULTI-COMPONENT MALWARE ADWARE ROOTKIT SPYWARE APT TARGETED THREAT SURVEILLANCE SOFTWARE INSIDE THREAT

8. A THREAT DETECTION HISTORY

9. www.crane.com Your signature update.

10. Checksums Byte Patterns Behavior Patterns Static / Dynamic Heuristics Whitelisting Anomalies Network Streams Cloud Protection

11. Virus Detection Signature Product Computer Server

12. Malware Self-Protection Debugging Disassembly Static Emulation Sandboxing Reputation Anomalies 12  Debugger detection, sub-processes, thread injection  Obfuscation  Packer and crypter  Emulator detection, time based evasion  VM detection, modular malware  Binary updates, targeted malware  Binary padding, use of legitimate tools

13. Gladly, most threats make mistakes themselves.

14.

15. ZEUS why can‘t detection work %APP%Uwirpa 10.12.2013 23:50 %APP%Woyxhi 10.12.2013 23:50 %APP%Hibyo 19.12.2013 00:10 %APP%Nezah 19.12.2013 00:10 %APP%Afqag 19.12.2013 23:29 %APP%Zasi 19.12.2013 23:29 %APP%Eqzauf 20.12.2013 22:23 %APP%Ubapo 20.12.2013 22:23 %APP%Ydgowa 20.12.2013 22:23 %APP%Olosu 20.12.2013 23:03 %APP%Taal 20.12.2013 23:03 %APP%Taosep 20.12.2013 23:03 %APP%Wokyco 16.01.2014 13:22 %APP%Semi 17.01.2014 16:34 %APP%Uheh 17.01.2014 16:34

16. Sandbox Detection 16

17. Persistence Mechanisms File Names Network Connection Big Picture Detection & Combination Static/Dynamic Features SILVER BULLET ...?

18. ARMOURING http://hdwallpapersimage.com/

19. SAZOORA being picky

20. Code Obfuscation 20

21. Virtual Machine Code Execution handler13: ExitProcHresult ... handler14: ExitProc ... handler15: ExitProcI2 ... ... FC C8 13 76 ...

22. Various packer layers – no static detection Static detection won‘t work Reputation & Metadata Features SILVER BULLET ...?

23. EXPLOITATION http://themovieandme.blogspot.com/

24. Endpoint protection built to detect repetitive patterns of evil. Exploit = system corruption Exploit vs. vulnerability http://www.wikipedia.com/

25. TYPICAL DRIVE-BY INFECTION o hxxp://www.insertyourwebsitehere.com/js/responsive/min/main- b87ba20746a80e1104da210172b634c4.min.js o hxxp://stat.litecsys.com/d2.php?ds=true&dr=2711950755 o hxxp://vstat.feared.eu/pop2.php?acc=%7E%BE%CE%F5%01%8D%AC %B2%26%C6%DC%5B%E7n4%D0%16%A3L%99%03%BB%D8%08&nrk =5992423910 o hxxp://g12z4pj3k4k9y4wd517- ll6.dienami.ru/f/1398361080/5/x007cf6b534e5208040904070007000 80150050f0304045106565601;1;5 o BOOM.

26. hxxp://www.insertyourwebsitehere.com/js/responsive/ min/main-b87ba20746a80e1104da210172b634c4.min.js TYPICAL DRIVE-BY INFECTION

27. hxxp://stat.litecsys.com/d2.php?ds=true&dr=2711950755 TYPICAL DRIVE-BY INFECTION

28. hxxp://vstat.feared.eu/pop2.php?acc=%7E%BE%CE%F5%01%8D%AC%B2 %26%C6%DC%5B%E7n4%D0%16%A3L%99%03%BB%D8%08& nrk=5992423910 IE 6, 7, 8 or 9, 10, 11 TYPICAL DRIVE-BY INFECTION

29. hxxp://g12z4pj3k4k9y4wd517- ll6.dienami.ru/f/1398361080/5/x007cf6b534e5208 04090407000700080150050f0304045106565 601;1;5 TYPICAL DRIVE-BY INFECTION

30. (There is none.) Patching, patching and more patching An exploit will seldom come alone! SILVER BULLET ...?

31. VISIBILITY – KNOW HOW – ACTIONABILITY LURE EXPLOIT INFECT CALL HOME STEAL DATA Follow the kill chain

32. Q&A

33. Thank You!