Malware Discovery: Using OS Internals to Identify Indicators of Compromise

Please join Joe Opacki, VP of Threat Research at PhishLabs, as we explore malware and how antivirus solutions work.

Do you think your computer is infected with malware?Ever wonder if your antivirus solution is working?
When your antivirus solution notifies you that there is suspicious behavior on your computer, this is an incident. It’s an incident because your computer has already been compromised. The reason you’ve been compromised is because the antivirus alert is a vehicle for notifying you that something malicious has been introduced into your environment. This presentation will focus on the various vectors malware utilizes to infect computers systems, the impact to the operating system during malware execution, and also the techniques utilized by anti-virus software to detect infection or indicators of compromise.