## reading

- [[Practical malware analysis#Chapter 18 Packers and unpacking]]
- [[Practical malware analysis#Chapter 21 64-bit malware]]

## 6.1 Malicious web

### Identifying malicious websites

- what is [[web security]]?
    - apparently [[Transport Layer Security|TLS]] and [[public key infrastructure|PKI]] or [[public-key certificate]]s
- a malicious website is one that aims to deceive its users and conduct some activity that users don't expect it to do
    - [[phishing attacks]] can be done this way
    - scams
    - drive-by download
    - [[malware]]-laden sites
- they often lack [[HTTPS]] (citation?) and [[public-key certificate|certificates]] (citation?)
- an example is the [[Gozi Virus]], which was packaged with a download from an apparently legitimate site
- [[cookie|cookies]] are a privacy nightmare, but aren't necessarily malicious
- [[browser]] vulnerabilities are a thing, and are made worse by third-party extensions. These bits of software aren't necessarily...great, and are vulnerable to [[supply chain attack]]s

## 6.2 Malicious documents

### [[PDF]]

## 6.3 In-depth [[malware]] analysis