SecuraBit Before It Bytes!

SecuraBit Episode 61: Reverse Engineering Malware with a Spider Monkey

Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit
Tim Krabec – @tkrabec
Nicholas Berthaume – @nberthaume
Anthony Gartner – @anthonygartner

Guest: Lenny Zeltser - @lennyzeltser

General topics:
Reverse Engineering Malware

New Linux Distro to analyze malware
REMnux: A Linux Distribution for Reverse-Engineering Malware
Based on Ubuntu
Released just 5 days ago - July 8, 2010
2500 Downloads so far
VMware appliance
Live distro going out to SourceForge soon
Enlightenment as window manager (no GNOME or KDE)
Just what you need to do the analysis
Lightweight as possible
Emulate Services
Allow malware to interact with your own resources
How does it differ from CW Sandbox?
Determine the signs of compromise to compare with your production environment
JS Unpack
Since it is an Ubuntu distro, you can roll a custom version for your environment or lab.
Integrated into the Reverse-Engineering Malware course from SANS

SANS Digital Forensics Summit
The state of people relying on only antivirus for protection.

The innovator's dilemma
Microsoft Security Essentials
Forensics 610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
SANS vLive! FOR610 - 201001 - Monday, July 26, 2010 - Thursday, August 26, 2010

Upcoming events:

Tim is speaking
Tim is also doing a skytalks schedule
Hacker Halted: Tim is speaking October 14th
South Florida ISSA’s Hack the flag and chili cookoff: Saturday August 14, 2010 from 12:00pm - 5:00pm
These are the upcoming security cons and where you can find those of us that will be attending starting in less than two weeks.

Chat with us on IRC at #securabit

Direct download: SecuraBit_EP61.mp3
Category:podcasts -- posted at: 10:22pm EDT