Ready to Start Your Career?
By: Tatianna
April 13, 2016
S3SS10N Wednesday - Malware Persistence 101
By: Tatianna
April 13, 2016
What is S3SS10N Wednesday?
S3SS10N Wednesdays are weekly 15 minute (or less) white board lessons by Cybrary Instructors and SME’s. They are designed to provide you with a quick dose of cyber security learning. We publish a new episode every Wednesday morning (Eastern Time). Now, check out our newest episode below![insert_vertical_space the_pixels="10"][clear][if_logged_in_show][/if_logged_in_show][not_logged_in_show]You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free.
Join Now
Login
[/not_logged_in_show][divider][one_third]Instructors -
Kyle Hanslovan (left) & Chris Bisnett (right) Kyle and Chris are the founders of Huntress Labs (@HuntressLabs on Twitter) and have their own blog and podcasts. To see more from them, check out our blog, and Cybrary's exclusive interview with Kyle.Whiteboard Notes
(Click the picture below to open in a new tab)[insert_vertical_space the_pixels="10"]
[clear][insert_vertical_space the_pixels="20"]This Session:This brief session covers malware persistence - why it's important, what to do about it, how it's done, why attackers use it, and most importantly how to remediate it. Malware persistence is when a computer gets infected by a virus that allows the malware to boot up when a computer restarts or a user logs in to a system. How do you discover Malware Persistence? Use free tools like Autorun which are part of the Microsoft Sysinternals tool suite, or other tools available for download. Autorun is the defacto tool that enumerates anything and everything that's likely to start up. Other sysinternal tools such as ProMon (Process Monitor) allow users to get more granular and help figure out what is happening in the boot process when a malicious payload or application starts. Listen to/Download the MP3