
CSE2203: Guest Lecture

06/01/2022

Presenter: Jason Jacobs


https://www.linkedin.com/in/jasonthename/
jjackson8895@gmail.com
Map of Cybersecurity Domains
V2
Cyber Diplomacy
Team Guyana at the Organization of American States (OAS) Diplohack Student Challenge 2019, competing with universities from the United States, Trinidad, Jamaica, Costa Rica, and Mexico.

The objective of cyber diplomacy is to define a set of norms which meet the following criteria:

● achieve an open, free, stable and secure cyberspace;
● apply to state and non-state actors;
● are adopted under the auspices of international law;
● are promoted, incorporated, implemented and enforced through multilateral agreements.
Security Operations: Incident Response
The steps used to prepare for, detect, contain, and recover from a data breach.

The National Institute of Standards and Technology (NIST) outlines four (4) key phases to Incident Response:

● Preparation - Planning for prevention and response
● Detection and Analysis - Determining severity and its type
● Containment and eradication - Halting the effects
● Recovery - Lessons learnt/reflecting on events

Incident Response [Beginner's Guide] | CrowdStrike


Emotet Email Sample

Emotet is a banking trojan distributed via malspam emails commonly containing the subject lines “Your Invoice” and “Payment Details”.

Here are the new Emotet spam campaigns hitting mailboxes worldwide (bleepingcomputer.com)
Emotet Email Sample (One click before chaos)

Activating the “Enable Content” feature typically results in malware infection or system compromise.
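A mail-triage check for the two traits these slides describe, the lure subject lines and an attached Office document that would show the “Enable Content” prompt. This is an added example, not part of the lecture. The function names, the constructed sample message, and the test for a `vbaProject.bin` part (where macro-enabled Office Open XML files store VBA) are assumptions of the example.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lines named on the slide; a production rule set would be wider.
LURE_SUBJECTS = ("your invoice", "payment details")
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container header

def has_vba_project(data: bytes) -> bool:
    """True if an OOXML (zip) document carries a vbaProject.bin macro part."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())

def triage(raw: bytes) -> list[str]:
    """Return the reasons a raw RFC 5322 message deserves analyst review."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    subject = (msg["Subject"] or "").lower()
    if any(lure in subject for lure in LURE_SUBJECTS):
        reasons.append("lure-subject")
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        name = part.get_filename() or "unnamed"
        if has_vba_project(data):
            reasons.append(f"macro-document:{name}")
        elif data.startswith(OLE_MAGIC):
            # Legacy format can hold macros; needs an OLE parser to confirm.
            reasons.append(f"legacy-office-document:{name}")
    return reasons

def build_sample(subject: str, with_macro: bool) -> bytes:
    """Constructed test message; the attachment is an inert zip, not a real document."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = subject
    msg.set_content("Please see attached.")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder, no VBA code")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="invoice.docm")
    return msg.as_bytes()
```

A subject match alone is a weak signal; the macro-bearing attachment is what ties a message to the “Enable Content” step.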
Malware

Execution stages of an Emotet sample.
Other data you see every day

● Malicious IP addresses
● Intrusion attempts
● System Compromise
● Security Event Reports


Homework - Play dangerously, Learn effectively
1. Indicators of Compromise for Emotet Malware - https://bazaar.abuse.ch/sample/6b32cf387feb48cbd6924f81c81019ecd246b8555a17bb5ad84e02cdf8f33ea6/
2. Emotet Malware Execution - https://app.any.run/tasks/cb3e26a9-5126-43dd-a66b-c600cc086b6e/
3. Network Traffic Capture - https://mega.nz/file/7fIQjTJK#MfFLze-0gvSl_9zaIJIj2FVkEsKfqceV8vbrzvU3NMU
