How To Analyze And Investigate Malicious JavaScript Attacks
The increased frequency of JavaScript attacks, coupled with the language's ubiquitous use, creates big problems when trying to protect your users. JavaScript is a powerful language and is widely deployed today; in fact, RedMonk rates it as the #1 most popular programming language in the world.
Load a web page and your computer starts executing the JavaScript embedded within. Sound dangerous? Of course, it is! Major browsers have tried hard to implement security by keeping JavaScript code in a sandbox. This webinar will analyze what happens when it gets out.
JavaScript now, more than ever, goes beyond just a web browser. Many applications and document types support JavaScript including:
- PDF files
- Email clients
- Word processing applications
- Server-side apps
- Modern Windows apps
In this real training for free event, we’ll show you several different forms of malicious JavaScript such as:
- Malicious PDF example
- Malicious .js file email attachment
- Malicious JavaScript used in common MITM scenarios
We’ll discuss locating and extracting suspicious code, de-obfuscation, and observing the payloads executing in a safe environment. You can gain valuable information from JavaScript that can then feed other investigation outputs such as YARA rules, OpenIOC, and other signatures. The emphasis must be on outputs for continual detection purposes and expanding your investigation scope. We’ll help you answer the next logical question during an investigation: “Has anyone else on my network been affected?”