Preview: eForensics Magazine 2022/01, Malware Forensic Analysis
We wish you all the best in the New Year! We hope that it will be fruitful for you and will allow you to develop your interests and skills. We sincerely want to help you with the latter, which is why we present to you our latest magazine on Malware Forensic Analysis. We have prepared a real compendium of knowledge on this topic for you. From the articles, you will learn what the main forms of malware are, how to analyze them, which type of analysis (static or dynamic) is appropriate for a given case, and what tools to use! Therefore, if you are interested in this topic, you must take a look at our magazine.
Did you think that was it? Well no! In the magazine you will also find:
- comprehensive literature for OSINT (Open Source Intelligence) evaluation as a tool to aid combating cybercrime;
- a tutorial presenting the use of IPED, an open-source tool developed and maintained by the Brazilian Federal Police;
- image tools in the context of their importance for forensic analysis;
- considerations regarding the importance of CISO in the organization.
So if you want to start the New Year productively and invest in your development, reach for our latest magazine!
Check out our Table of Contents below for more information about each article (we included short leads for you).
We hope that you enjoy reading this issue! As always, huge thanks to all the authors, reviewers, to our amazing proofreaders, and of course you, our readers, for staying with us! :)
and the eForensics Magazine Editorial Team
TABLE OF CONTENTS
Malware Forensics - The Malware Analysis In Forensic Context
by Deivison Franco, Cleber Soares and Daniel Müller
The article shows that malware is a resource that provides additional elements for a forensic investigation, allowing you to find new information about a device user (e.g., spyware analysis), and even to start new cybercrime investigations (e.g., bot or backdoor analysis). For this reason, even when malicious programs are not themselves the subject of the forensic investigation, they should not be overlooked, as their identification and analysis are extremely important. The authors present a comprehensive analysis of the topic. They explain what malware is, what its classes are, the types of attacks, and the types of forensic analysis. The authors show how to identify malware using specific tools (e.g., VirusTotal, Autoruns) and how to conduct static, dynamic, and advanced analyses.
IPED, an Amazing Tool to Analyze a Disk Image
by Marcus Fábio Fontenelle
This article provides a brief introduction to IPED, an open source tool developed and maintained by the Brazilian Federal Police for analyzing digital evidence. The text presents a description of the tool, its main functions, configuration methods and, in a specific case, how it is used in forensic work. This is a practical tutorial that guides the reader step by step through the issues of disk analysis.
Freely Distributed Open Source Image Forensics Tools
by James A (Jim) McCoy, Jr.
The text is about image analysis. The author begins by analyzing the reasons for using false images on the Internet. He then goes on to describe metadata analysis. After a short introduction to what metadata is, he shows you where to find it (in which layer of the file). He also analyzes different categories of data (descriptive, legal, administrative) and indicates the functionality of metadata, its possible uses, and possible ways of manipulating it. The main part of the text is the analysis of the metadata of a specific image using an open source tool (JPEGsnoop). The author describes its functionality and analyzes the image step by step.
Malware - The Nightmare Time
by Wilson Mendes
The article takes a comprehensive approach to the issue of malware. It defines what malware actually is, what its types are, and what the forms of combating it are. The author focuses on the issue of APT and points to the legitimacy and effectiveness of using anti-virus and network scanning software. He then presents interesting and current cases in which an attack with the use of malicious software took place.
Reversing Malware Anonymously
by Anderson Sales
The text is about how to counter malware attacks without exposing yourself to danger. The author presents several suggestions on how to fight malware anonymously. He proposes IP anonymization, creating a virtual machine, and changing the agent and language. All the steps he proposes are accompanied by a practical example.
Cyber-Savvy Board Of Directors
by Longinus Timochenco
The text is devoted to cybersecurity. After a short introduction to this issue, pointing to one of its important aspects, information security, the author goes on to discuss the tasks and importance of the CISO in each enterprise. He mainly presents the tasks and challenges, as well as the difficulties, related to the performance of this profession. The article indicates important areas on which the CISO must work to ensure an adequate level of cyber security, among which a special place is taken by the data analysis and reporting system, as well as constant cooperation with the company's management.
Malware Analysis And Its Forms
by Daniele Giomo
The text is about malware analysis. The author begins with what malware is and how it differs from other forms of software. He then moves on to the forms of malware analysis and their management. He also shows how to detect malware, and ends with hands-on training on how to implement a model that detects malware.
A Systematic Literature Review For OSINT (Open Source Intelligence) Evaluation As A Tool To Aid Combating Cybercrime
by Francisco de Assis F. Henriques
The text aims to identify the basic research on the use of OSINT as a tool to combat cybercrime. A systematic literature review is a structured search for research that aims to explain to readers the steps taken to define research relevant to a study, according to a pre-defined review protocol. The study aims to provide a systematic review of the literature on OSINT and how these techniques can be applied in digital forensics to contribute to the fight against cybercrime. The scope of the article included 487 articles obtained from 4 digital libraries and published in 2017-2021; 43 articles remained after applying the exclusion and inclusion criteria. This review confirms the effectiveness of the use of OSINT in the fight against cybercrime through the research presented and the methods demonstrated. Finally, through all the research carried out and the methodologies presented, it was possible to confirm that OSINT helps in the fight against cybercrime thanks to the data existing in the most diverse sources available for research.
Applying Zero Trust Principles To Critical Controls
by Paulo Pereira, PhD
The text is about the Zero Trust approach. The author explains its basic assumptions and meaning. Interestingly, to illustrate the importance of this method, he presents two current network security breaches and, based on their scenarios, conducts his considerations. He presents the most important principles of the Zero Trust approach and their importance. He also discusses the weak points of the log4j 0-day.
Significance of Image Tools in Digital Forensics
by Avirup Dutta, Gaurav Kumar Singh
The text is devoted to the importance of image analysis tools in digital forensics. Two basic problems are highlighted: identifying the pictorial "gadget" (the device) that captured the image, and identifying signs of forgery. The text presents the various methods used by digital image forensics tools for examination and analysis.