Malware Books (too outdated to use)


Something I would like to bring up would be your thoughts on malware analysis learning through older (outdated) books and other resources. I have heard people say that you must learn the concepts in order to have the foundation to do malware analysis. However, Practical Malware Analysis is 8 years old. Malware analysis and DFIR practitioners that I chat to complain about this because the tools and techniques are changing frequently. The practical walk-throughs in some books may not be applicable for today’s malware research and detection. I think the principles may still be good in older books. These are just a few thoughts I had. I could be wrong but would love to hear your thoughts.



What concepts are you referring to?

I can agree with this; however, in my (limited) experience, many techniques that are present in Practical Malware Analysis are still used. Generally, evolving tools shouldn’t be a problem. What one should focus on when reading outdated resources is the underlying, fundamental notions and understanding the bigger picture. I believe that this approach is infinitely scalable no matter the state of today’s or future technology. Similar to Art of Exploitation, readers should make an effort not to tunnel into what the content provides as is, but instead should expand and trigger their mind to problem solve, acting as some sort of catalyst or enabler into the field. From there onwards, they should look to further their own studies with what they have learned through research if they wish to become something greater.



Concepts would be the methodology of doing malware analysis, the behavior of certain malware, and the debugging process.



This time, I’m looking into Chinese cyber attacks or cyber terrorism with my initial writing.

I am reading the published materials etc. of FireEye for the time being.
I think that it is a good idea to gather new information and learn from the security companies’ site information, up to a certain extent.
But, after finding a new security hole, classical methods are used in most cases.
Old-fashioned social hacks are often the footholds.

But China’s cyber attacks and cyber terrorism techniques that are enough to steal the technology of electromagnetic catapults of American aircraft carriers surpass my imagination.

Can you tell me if you and your acquaintance are familiar with Chinese cyber attacks or cyber terrorism?

