This paper was written to partially fulfill the requirements for the GIAC Certified Incident Handler certification. It is about the Santy worm found in the wild around December 21st, 2004. This early and evil 'Santa Claus' present caused some serious havoc for administrators of phpBB bulletin board software around Christmas 2004, defacing almost 40 thousand phpBB sites in a short period. It is one of the first worms that efficiently use search engines such as Google to find their potential targets. Therefore, an analysis of the techniques used and a description of the incident handling process seemed useful to me. I hope it is useful to the security community as well.
Pieter Danhieux is Co-founder and Chief Architect of the Secure Code Warrior platform (http://www.securecodewarrior.com), a gamified environment where developers and security testers can learn how to properly identify and fix security weaknesses in software.