Last Chance for iPad Pro w/ Smart Keyboard or ASUS Chromebook w/ Online Training!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Fighting Fileless Malware

  • Wednesday, May 24th, 2017 at 11:00 AM EDT (15:00:00 UTC)
  • Sanat Chugh
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • Cybereason

You can now attend the webcast using your mobile device!

Overview

The Russian Kovter gang is the creator and operator of one of the world's most impactful and prolific fileless malware and botnet attack. The Kovter fileless malware is able to gain full control and long term persistence over victim machines, while operating fully out of memory, and without any files being dropped onto the file system, helping it evade most security tools.

Sanat Chugh, Researcher, at Cybereason will explain the Kovter fileless malware and its variants and present techniques organization can use to hunt, detect, and respond to these attacks.

In this webcast, you will:

  • Learn about fileless malware, such as powershell and other windows built-in scripting engines, and how they are leveraged by attackers to gain stealth and persistence
  • Learn how to detect and respond to these types of attacks

Speaker Bio

Sanat Chugh

Sanat Chugh is a Researcher at Cybereason. He has previous experience in Web and Mobile Development and now works extensively on detailed cyber attack analysis. More specifically, Sanat focuses on malware analysis and reverse engineering (working and structural breakdown), analysis and recreation of enterprise level cyberattacks, and analysis of common attacker TTPs.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.