This chapter is all about investigating malware in the context of network forensics. Most of the incidents requiring network forensics will be based on malware-oriented events, such as network breaches, financial crime, data theft, and command and control. Most of the attackers will deploy command and control malware to enslave the compromised machine and gain leverage over the internal network for lateral movement. Generally, network forensics and computer forensics go hand in hand in case of investigating malware. The computer forensics investigator will find all that has changed on the system and where the malware resides in the system. Then, they will find the executables causing the issues and upload them to a site, such as https://www.virustotal.com or http://www.hybrid-analysis.com, to find more about the malware and...
United States
United Kingdom
India
Germany
France
Canada
Russia
Spain
Brazil
Australia
Argentina
Austria
Belgium
Bulgaria
Chile
Colombia
Cyprus
Czechia
Denmark
Ecuador
Egypt
Estonia
Finland
Greece
Hungary
Indonesia
Ireland
Italy
Japan
Latvia
Lithuania
Luxembourg
Malaysia
Malta
Mexico
Netherlands
New Zealand
Norway
Philippines
Poland
Portugal
Romania
Singapore
Slovakia
Slovenia
South Africa
South Korea
Sweden
Switzerland
Taiwan
Thailand
Turkey
Ukraine