Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,000 --> 00:00:05,566 Welcome on this lesson we'll start explaining some key malware concepts 2 00:00:07,166 --> 00:00:17,199 What is malware?, malicious software o malware is a piece of software that performs unauthorized actions in your equipment 3 00:00:17,200 --> 00:00:26,666 Black hackers or crackers use malware to subvert the intended function of the system, in order to spy or take control of your terminal. 4 00:00:26,666 --> 00:00:34,732 Often they try to turn your equipment in a zombie for Distributed denial-of-service, you may know this means they infect 5 00:00:34,733 --> 00:00:40,433 thousands of machines and use them to send spam or make simultaneous request to the target, 6 00:00:40,433 --> 00:00:45,299 this traffic flooding usually takes down the target system. 7 00:00:45,466 --> 00:00:53,499 They could infect you to distribute more malware or for cryptocurrency mining, this usually happens when you visit a compromised 8 00:00:53,500 --> 00:01:00,100 web site, privilege escalation means they use your terminal to try to acces the entire network. 9 00:01:00,233 --> 00:01:09,199 Malware could steal credentials and information in general and could hide into scripts, active content, office documents, pdfs, 10 00:01:09,200 --> 00:01:12,533 executables, email and so on. 11 00:01:15,166 --> 00:01:25,966 There are some well-known infection vectors that malware use to get into your system, like: Sharing files through email, intranets, usb 12 00:01:25,966 --> 00:01:35,432 drives, or bluethoot. If you visit an infected web site you could be victim of cross site scripting, this tecnique inject a malicious script directly 13 00:01:35,433 --> 00:01:40,699 into a vulnerable web site if you visit this web site you could get infected. 14 00:01:41,366 --> 00:01:51,832 Social engineering. Its main target is to lure you into actions that will compromise your system: steal credentials and execute malware. 15 00:01:51,833 --> 00:01:54,066 let me picture one scenario: 16 00:01:54,066 --> 00:02:02,732 Imagine you are a man and a beautiful girl ask you to be her friend in any social media program, after few chats 17 00:02:02,733 --> 00:02:11,233 she sends you a picture, you happily open it and bingo you now are infected, turns up the image was carrying a malware. 18 00:02:11,233 --> 00:02:14,666 You have been victim of a social engineering campaign. 19 00:02:14,666 --> 00:02:23,299 Now imagine you receive an email from your bank asking you to urgently update your credentials, you do it and they are stolen, 20 00:02:23,300 --> 00:02:30,700 turns out the page you visit for re enter your credentials was a fake one, this is known as phishing 21 00:02:30,700 --> 00:02:34,700 and is very popular in social engineering campaigns. 22 00:02:34,700 --> 00:02:41,533 Then the main target of social engineering campaigns is to lure you into actions that will compromise your system, 23 00:02:41,533 --> 00:02:45,999 usually stealing credentials or downloading and executing malware. 24 00:02:46,600 --> 00:02:51,600 Ok, now lets talk about why we bother to conduct a malware analysis. 25 00:02:51,900 --> 00:03:01,166 Malware analysis is a research process, its aim is to understand in detail the malware behavior. Its objectives are: 26 00:03:01,166 --> 00:03:07,166 Get Indicators of Compromise or signatures, these could be then use in antivirus systems. 27 00:03:07,166 --> 00:03:18,099 For example, if the malware connect to a domain and you catch that ip. This connection to this specific ip is an Indicator of Compromise 28 00:03:20,666 --> 00:03:25,266 To clean and recover an affected system if necessary. To Detect and neutralize threatens. 29 00:03:25,266 --> 00:03:30,432 No further explanations are necesary, we’ll do this in practice. 30 00:03:31,133 --> 00:03:35,299 join me at the next lesson to learn more important concepts 4147