Title: Evasive Malware: A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats
Publisher: No Starch Press
Publication Date: 2024
Language: English
ISBN 10: 1718503261
ISBN 13: 9781718503267
Binding: Soft cover
Condition: New

About this title

Synopsis

Get up to speed on state-of-the-art malware with this first-ever guide to analyzing malicious Windows software designed to actively avoid detection and forensic tools.

We’re all aware of Stuxnet, ShadowHammer, Sunburst, and similar attacks that use evasion to remain hidden while defending themselves from detection and analysis. Because advanced threats like these can adapt and, in some cases, self-destruct to evade detection, even the most seasoned investigators can use a little help with analysis now and then. Evasive Malware will introduce you to the evasion techniques used by today’s malicious software and show you how to defeat them.

Following a crash course on using static and dynamic code analysis to uncover malware’s true intentions, you’ll learn how malware weaponizes context awareness to detect and skirt virtual machines and sandboxes, plus the various tricks it uses to thwart analysis tools. You’ll explore the world of anti-reversing, from anti-disassembly methods and debugging interference to covert code execution and misdirection tactics. You’ll also delve into defense evasion, from process injection and rootkits to fileless malware. Finally, you’ll dissect encoding, encryption, and the complexities of malware obfuscators and packers to uncover the evil within.

You’ll learn how malware:

Abuses legitimate components of Windows, like the Windows API and LOLBins, to run undetected
Uses environmental quirks and context awareness, like CPU timing and hypervisor enumeration, to detect attempts at analysis
Bypasses network and endpoint defenses using passive circumvention techniques, like obfuscation and mutation, and active techniques, like unhooking and tampering
Detects debuggers and circumvents dynamic and static code analysis

You’ll also find tips for building a malware analysis lab and tuning it to better counter anti-analysis techniques in malware. Whether you’re a frontline defender, a forensic analyst, a detection engineer, or a researcher, Evasive Malware will arm you with the knowledge and skills you need to outmaneuver the stealthiest of today’s cyber adversaries.

About the Author

Kyle Cucci has over 17 years in cybersecurity and IT, including roles as a malware analyst and detection engineer with Proofpoint’s Threat Research team and leader of the forensic investigations and malware research teams at Deutsche Bank. Cucci regularly speaks at security conferences and has led international trainings and workshops on topics such as malware analysis and security engineering. In his free time, Cucci enjoys contributing to the community via open source tooling, research, and blogging.

"About this title" may belong to another edition of this title.

Store Description

Visit Seller's Storefront

Seller's business information

Websew.com Inc
22C Cragwood Road, Avenel, NJ, 07001, U.S.A.

Sale & Shipping Terms

Terms of Sale

We sell brand new books from the publisher.

Shipping Terms

Shipping costs are based on books weighing 2.2 LB, or 1 KG. If your book order is heavy or oversized, we may contact you to let you know extra shipping is required.

Shipping rates within U.S.A.

Shipping rates within U.S.A.
Order quantity	5 to 14 business days	5 to 14 business days
First item	US$ 0.00	US$ 0.00

Delivery times are set by sellers and vary by carrier and location. Orders passing through Customs may face delays and buyers are responsible for any associated duties or fees. Sellers may contact you regarding additional charges to cover any increased costs to ship your items.