Malicious Streams

Digging for Malware: Suspicious Filesystem Geography

Malware has moved to the forefront of the information security landscape. Malicious software is involved in nearly every major data breach.  While host-based anti-malware products are a must they are not getting the job done entirely.  The flood of ever changing malware continues to flow over the walls of protection and into our systems.  Once malicious files have embedded themselves, the challenge falls on the incident responders and forensics experts to identify, contain, and eradicate these threats.  This article is the first in a series focused on arming these responders with additional tools to accomplish the job.

This article will explore ways to discover malware by identifying suspicious filesystem locations most commonly used by malware.

Read More