Advanced Malware Analysis: Ransomware

Ransomware attacks continue to be a growing threat to the security and success of individuals and companies. In this course, you will learn how to detect, analyze, and protect yourself and your company from Ransomware attacks.
Course info
Level
Advanced
Updated
Jan 24, 2019
Duration
1h 30m
Table of contents
Description
Course info
Level
Advanced
Updated
Jan 24, 2019
Duration
1h 30m
Description

Ransomware attacks have continued to grow in frequency and potency, causing large business impact. There is no reason for you and your company to become a victim of this destructive piece of Malware. In this course, Advanced Malware Analysis: Ransomware, you will gain the ability to determine if compromised machines were infected with Ransomware. First, you will learn some of the early indicators of when Ransomware infects a system. Next, you will discover how kill switches can help you prevent attacks. Finally, you will explore how Ransomware spreads throughout the network and how it manages to infect a large number of computers. When you are finished with this course, you will have the skills and knowledge of Ransomware Analysis, enabling you to identify, contain, and eradicate attacks much more effectively.

About the author
About the author

Cristian is a Information Security Professional with experience in supply chain, manufacturing, gaming, and entertainment sectors for Fortune 500 companies. He has provided expertise in incident response cases by performing forensic investigations, malware analysis, and elaborating mitigation plans against complex cyber attacks.

More from the author
Threat Hunting with Yara
Intermediate
1h 14m
Jun 25, 2019
More courses by Cristian Pascariu
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
(Music) Hi everyone. My name is Cristian Pascariu, and welcome to my course, Advanced Malware Analysis: Ransomware. I am an information security professional and have dealt with ransomware of all shapes and sizes. Ransomware has become one of the most destructive pieces of malware, impacting businesses all over the world, as well as public institutions. Now more than ever, knowing how to perform ransomware analysis has become a requirement. In this course we are going to analyze ransomware in multiple scenarios with a goal of collecting indicators of compromise and in some cases, disrupting the infection chain altogether. Some of the major topics that we'll cover include: analyzing machines already compromised by ransomware, performing behavioral analysis on early infection stages; this is where we'll be looking at kill switches and how ransomware disables backup services; as well as monitoring propagation through the network. We'll scale our analysis to study how ransomware manages to infect networks of computers. By the end of this course, you'll know how to perform ransomware analysis in a wide range of scenarios, from detecting and containing already infected machines, to going ahead of the curve and implementing defenses such as kill switches. Before beginning this course, you should be familiar with some basic concepts of malware analysis, although many of the concepts and techniques will be covered in great detail, making it easy to understand even for those who are new in this field. I hope you'll join me on this journey to learn ransomware analysis with the Advanced Malware Analysis: Ransomware course at Pluralsight.