That's a fun question as it depends entirely on how the malware is designed. Some will start working immediately. Others will remain dormant for a pre-determined time or until certain conditions are met. That's just the inherent risk of pirating stuff. You never know what you're going to get.
Appropriate advice if you want to gate yourself into a technical SOC Analyst job, which is the role that everyone thinks is super sexy. It's actually just the whipping boy for the SOC manager and will be 95% of the time just looking at a phishing email and wondering why people are so dumb. If you want to go far in the industry then learn about business and how to translate technical analysis like this into business language, learn about the CIA triad and learn about how to secure systems against attacks.
Thank you so much for this. I don't like just relying on my AV; it's nice to have some other skills/options and methods to keep your system safe. Thanks again.
The thing with the current state of Win10, and, of course, Win11 is the fact that even the system alone is "network active" (don't know how to phrase it better). I have been running PipeWire just to spot new activity, hoping to catch if something crappy has been triggered. Well... For the time being, the only wtf activity I've been getting is stuff like Windows connecting to some GameService junk. Have I scanned my system with numerous AV software? - Yes. Have I found something besides "boohoo, it's a torrent client"? - No. Do I know why the hell MS stuff like that is running? - No. And I'm pretty sure the Internet will tell me it's ok. Do I see Windows as my number one headache? - Yup, I do. I didn't trigger it, nor do I actually know what it is, and most likely I don't use it. And yes, I am well aware of Linux. But, sadly, Win and Mac have a strong hold on the software when it comes to manufacturers developing software.
Thx for the lessons 😎 My Malwarebytes won't even load the website or let me download the exe file? Why does yours load it? When you have the paid version? The Browser Guard won't allow it (says it is a trojan).
Can you update your bio with the official links to the software used in the video? I know I can find them on my own, but it would be nice to have them in case. Also, is it normal for a Windows warning message to pop up for Pestudio when trying to run the exe?
These security tools should actually be provided by Microsoft, because I am more worried about them being the malware. Those functions mentioned are quite basic, such as external network connection monitoring. Microsoft should actually have something that allows the creation of eggshells, i.e. the program should not be able to access any resources outside of the eggshell. You should be able to define different kinds of eggshells. Some eggshells should only allow local resource access and others may only allow access to a few IPs. These eggshells should be assignable to different programs.
I gotta ask though, is MBAM really enough to remove malware that is already in someone's PC? I remember having a client complaining about his laptop running slow or that his fans were active even though idle, so I installed Malwarebytes and another AV, ran them and updated drivers, etc. (the basics) and found nothing. I decided to install SpyHunter and it detected miners (best guess is that it's from the cracked games) and removed them, which fixed the issues.
BTW, is Windows Sandbox good for testing potentially bad stuff? Like if I run something to test and it happens to be ransomware, will it spread to the main system? I know Sandbox is meant to be isolated, but knowing it shares network and who knows what, I've been wondering, would it be safe? I like it more than VMs because I just run it like any other app; it's fast to bring up and I can check/do stuff quickly.
Some ransomware may detect that it runs in an isolated environment, sometimes called sandbox-evading malware. So it may PRETEND it is safe to run, but instead just lie low. Alternatively, if it has access to the network it may steal some data and send it over the network, and pretend like nothing bad happened. Many different bad scenarios, so if nothing bad happened during the sandbox session, it doesn't mean the software is completely safe.
No, these tools only interact with the operating system, but you might be able to see TCP and UDP connections made by the malware using Wireshark or other software. You can dump and hash your firmware and compare it to a hash of the actual firmware to see if it's been tampered with, but this can lead to false positives sometimes if you don't do it right.
Sadly we can't stop malware, as there will be hackers, and a lot of hackers who commit malware attacks are from Russia, North Korea or China, and the FBI doesn't have international arrest warrants for these countries.
I really love your video and especially I love this one so much because it teaches me a lot of stuff. I love cybersecurity and learning from you is a treasure!
You normally shouldn't do anything about system processes. However, if you find your system works strangely, you might want to scan with AV. You can also check manually every application installed and running with Task Manager (Windows' own or from the Sysinternals software). You can CAREFULLY look through all drivers and services and suspend/disable/uninstall those that you REALLY don't need. It might be time consuming, so if your system is OK, then the best way is just to use it.
@@ClaudeVanguard still cannot see it, I only get the options to: change theme to Windows default, light or dark; choose background image and hardware acceleration
@@ТоварищКамрадовСоциалистКоммун No brother, everybody can easily use Linux if he/she wants to. 15 years ago I had the same thinking as you. But once I tried to start Linux Mint, things got easier day by day. I know there are so many distros, but if you want to go from Windows to Linux, try Linux Mint or Deepin Linux at the start. You will definitely love them. But if you are already a user of any Linux distro you can easily understand what I am saying. Even on a dual core system or Pentium 4 with 2 GB RAM you won't find Linux buggy or slower, but with Windows 10 or Win 7... with 2 GB RAM and a dual core system the system gets heavier on every update. That's the reason I'm saying it.
Wow! I really need this, especially in the Web3 space! As a curious human who kinda likes to dig deeper, this really feeds my curiosity. A lot of people say never open links, but what if those links are safe? People need this kind of knowledge. Thank you!
3 years of cyber security at university, no practical labs except advanced cryptography, 3 months internship in a SOC with no guidance, inability to do a thesis because interesting projects are "too practical, just an engineering problem, no real research advancement", inability to land a job in the field for missing practical experience and back to my developer job (which luckily I love)... And here I am learning from a YT channel.
I think there is something terribly wrong with the university education system if they manage to kill the interest in a super challenging and hot topic, closing it behind the doors of a library...
I just recently replied that cyber security should be studied at school. This would be some starting ground for further education. Then more people would know the topic, understand its importance, and studies in uni would be more advanced and practical.
@@ТоварищКамрадовСоциалистКоммун I am not saying university is useless. I learned a lot of interesting theory, which was definitely needed. But god, I was unlucky, I hope, that there was no practical part except the internship, which was useless and a blind shot as the only practical part in the curriculum.
The mindset was just for research, and if a university is so shortsighted as to ignore that most students would like to then land a job rather than pursuing a PhD (and positions are few), well, in my opinion you failed as an educational institution.
@@giblin91 Many unis would be glad to accept PhD students with their own financial support/grant program. Unis and research groups typically have very limited finances to support a lot of researchers, or the applicant should fit their expectations, experience etc. So it's not an easy job, unless you are lucky to make it quick )
Thanks for sharing your opinion. I have dilemmas about which skills I should pursue first before the others follow from behind. The technical skills I wanna choose first are between Cyber Security, Machine Learning, Software Engineering... or should I choose computer science because it seems like the "jack of all trades"...? Anyway, sorry for my bad English, it's not my native language.
Edit: as a bonus, I recently became interested in mechatronic engineering as my career path.
@@SchrodingersLife hi, hope you see this message.
They are three different paths which of course can and will intercept each other. Cyber security can be very scientific if it is about crypto and protocols, but also very nonscientific when it comes to analysis and risk management. MI will always be very useful nowadays. Never went in that direction myself, I am missing the math and statistical basis to do it (bad teachers at uni). Software engineering is about code and SW architecture. Personally I think CS is nearer to SW engineering, but will give you a basis to then proceed with the others anyway. There are however universities that offer a cyber security or MI learning course path right from the BSc.
Nevertheless, uni will give the theoretical basis. For the practical skills, look at what kind of labs they have, or you have to work on them yourself through work or personal projects out of passion.
I am in my 2nd/3rd year-ish and still haven't done actual SOC work or checked any advanced or beginner testing for malware. But this makes me wanna start somewhere and be ahead of the game once I graduate.
4:40 I used Malwarebytes way back in the day.... like maybe 2008 or so, then Antivir. Both honestly are a good choice.
Never open random links
Good advice, except malware links don't typically look like: 783g2fh4th3th.hr (random)
It is easier said than done, defining the line between random and not is not always easy unless you decide to only open known links which to me seems a little bit extreme. I think the strategy mentioned in the video is certainly valid and does not require too much time if you have a bookmark of a few of these websites.
Nah bruh. You see YT ad pages flying around there. That's like 100 links I accidentally click, man. I have no curiosity why people always make YT ad block apps all the time.
Most malware sites will try to look legit; coming across one isn't too uncommon if you actually browse the internet beyond the 5-10 sites you regularly use. Ad- and script-block extensions are becoming necessary because of this, but putting them in VirusTotal and ScamAdvisor is a quick and easy way to be extra safe.
That's not really the case anymore. Malware is much more often distributed using social engineering because links being blacklisted takes very little time. Even the link he provided as an example is already dead. The point of this video was to educate people on how you can prevent giving your information away by doubting if something is secure. So even if you fail the first part and download something from an email or a webpage (and trust me, you will eventually fail this part), you can still stop getting infected by using the tools shown in the video.
This channel is an incredible resource for all levels of understanding, I always learn something new with your content and it’s very short and digestible. Thank you for all you do!
It seems Hybrid Analysis is more likely to give false positives, like the setup exe for ShareX is shown as malicious on it (both CrowdStrike and MetaDefender are green but Falcon Sandbox is red).
The same for XnView and IrfanView.
An interesting, well explained and helpful video. Thank you Leo. After Windows 7, I, as a non-business user, have used Linux, which is enough for my requirements. I have been aware for some time that Linux has its own set of security threats and I am starting to learn more about this. Thanks again.
But what I don’t think was mentioned that really should have been is: please, for the love of whatever deity you hold holy, DO NOT run software you suspect to be malware just to see what processes it starts. That’s very, very bad advice outside of perhaps in a VM (and even then…only if you know what you’re doing).
Those were my exact thoughts.
well someone should make the job done )
but don't repeat this at home )
It seems obvious to me that one should have a separate “victim” computer that is not on the network for this sort of thing.
Wow, the Malwarebytes UI has changed a lot. Think it may be time to test it again. Thanks for the informative video Leo.
Nice advertisement
I will never use that thing again. It got stuck in my PC, refusing to fully uninstall and stopping other antivirus installs. I finally deleted it with a special uninstall program.
These days the difficulties associated with AV removal shouldn't be considered as a stop sign or any kind of disadvantage of AV.
Take this as a feature. AV does a lot to stop itself from being stopped, uninstalled, having its files removed, etc. It's a part of self defense. You might have to use a special removal program from the developer.
Well, there has to be some reason he had that problem and we didn't. I'm sure he can't be the only one to have had that problem either, but it's pretty obvious by the rave reviews that that is not the experience most users have with Malwarebytes. I've never had a problem installing or uninstalling it. @@ТоварищКамрадовСоциалистКоммун
Wait, you got the wrong AV lol, the one that can't uninstall is AVG, not Malwarebytes @@any_one_else
Leo, love your videos; even though I am not a newbie and did learn something, I kinda felt the video was a bit rushed and wished that you spent a little bit more time on each "basic skill" and listed the websites used in the video in the description. Thank you again for your work.
Thanks for the video. A good procedure as well is to check the hash value of the file to see if it matches known malware signatures.
Wooow! You made my interest grow bigger in cyber-security! :O
Stopping halfway through the video to comment on how good this info is. I've been studying IT and cyber sec for a few months and all these are fantastic adds to my bookmarks tool set. Thank you and sub'd!
Incredible.
Thank you for this video! This is very helpful!
Bro fuck yeah you nailed this. How haven't I run into these tools in all my time on the internet... Every PC gamer in the world could benefit from learning to use something like Sysinternals! Let alone how much scam success could be reduced if we taught people to check if websites are legit in multiple stages. Loved how direct and clear this was, please keep doing what you're doing! I'll be sticking around!
Thanks for the, once again, great video.
Quick question: is there a reason for not including URLs of programs or websites in the description, ones that were presented or discussed in video(s)?
Thank you very much. I'm an absolute beginner, so I do not wish to comment further. I just appreciate the help.
Thank you for the Information
So much useful info condensed into a short video.
Thanks, great video! I didn't know this type of tool existed. I thought that in order to test a file, the best option was running it on a VM. I will make sure to run Hybrid Analysis first as a time saver.
A couple of problems with this.
1. A dozen or more service host processes; you can't easily tell what they are doing, even when you can see how many are running.
2. Once there are a few years' worth of applications and updates, I suspect it is very unlikely a user will be able to recall what the running process list looked like yesterday, much less "normally".
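Two points raised in the comments fit together in one small script: the suggestion to compare a file's hash against known malware signatures, and the objection that nobody can recall what the process list looked like "normally". The answer to the second is not to recall it but to record it. What follows is an added example, not code from the video, its author, or any commenter; the function names are my own, and the snapshots, paths and the "known-bad" hash are constructed sample data, not real indicators.

```python
"""Baseline-and-diff for a process inventory, plus a known-bad hash lookup.

Added example (not from the video, its author, or any commenter).  The
function names are hypothetical; the snapshots, paths and the "known-bad"
hash below are constructed sample data, not real indicators.
"""
import hashlib
import os
import tempfile


def sha256_of_file(path, chunk_size=1 << 20):
    """Hex SHA-256 of a file, read in chunks so large files need not fit in RAM."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def hash_via_temp_file(data):
    """Write bytes to a temporary file and hash it; exercises the chunked reader."""
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as handle:
            handle.write(data)
        return sha256_of_file(path)
    finally:
        os.remove(path)


def matches_known_bad(file_hash, known_bad):
    """Case-insensitive membership test against a set of known-bad SHA-256 values."""
    return file_hash.lower() in {h.lower() for h in known_bad}


def _index(records):
    """Key each record by (image name, full path), lower-cased because Windows
    paths are case-insensitive.  Many instances of one binary (the dozens of
    svchost.exe) collapse into a single entry: this is an inventory of
    binaries, not of PIDs, which is what makes a 'normal' baseline stable."""
    return {(r["name"].lower(), r["path"].lower()): r for r in records}


def diff_snapshots(baseline, current):
    """Compare two inventories.  A same-named binary from an unexpected
    directory gets its own key, so it shows up as NEW instead of hiding
    behind the legitimate copy."""
    base, cur = _index(baseline), _index(current)
    return {
        "new": sorted(k for k in cur if k not in base),
        "gone": sorted(k for k in base if k not in cur),
        "changed_hash": sorted(
            k for k in cur
            if k in base and cur[k]["sha256"].lower() != base[k]["sha256"].lower()
        ),
    }


def triage(baseline, current, known_bad):
    """Turn a diff into findings; a hash on the known-bad list overrides the tag."""
    cur = _index(current)
    diff = diff_snapshots(baseline, current)
    findings = []
    for key in diff["new"]:
        rec = cur[key]
        tag = "KNOWN-BAD" if matches_known_bad(rec["sha256"], known_bad) else "NEW"
        findings.append(f"{tag}: {rec['name']} at {rec['path']} (sha256 {rec['sha256'][:12]}...)")
    for key in diff["changed_hash"]:
        rec = cur[key]
        tag = "KNOWN-BAD" if matches_known_bad(rec["sha256"], known_bad) else "HASH CHANGED"
        findings.append(f"{tag}: {rec['name']} at {rec['path']} (sha256 {rec['sha256'][:12]}...)")
    for key in diff["gone"]:
        findings.append(f"GONE: {key[0]} at {key[1]}")
    return findings


# Constructed sample snapshots: "yesterday" and "now".  The hashes are
# placeholders, not the real digests of these binaries.
BASELINE = [
    {"name": "svchost.exe", "path": "C:\\Windows\\System32\\svchost.exe", "sha256": "aa" * 32},
    {"name": "explorer.exe", "path": "C:\\Windows\\explorer.exe", "sha256": "bb" * 32},
    {"name": "chrome.exe", "path": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "sha256": "cc" * 32},
]
CURRENT = [
    {"name": "svchost.exe", "path": "C:\\Windows\\System32\\svchost.exe", "sha256": "aa" * 32},
    {"name": "explorer.exe", "path": "C:\\Windows\\explorer.exe", "sha256": "bb" * 32},
    # Browser updated since the baseline: hash changed, same path.
    {"name": "chrome.exe", "path": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "sha256": "cd" * 32},
    # Same image name as a system process, but running from a user-writable directory.
    {"name": "svchost.exe", "path": "C:\\Users\\alice\\AppData\\Roaming\\svchost.exe", "sha256": "dd" * 32},
]
KNOWN_BAD = {"dd" * 32}  # constructed placeholder, standing in for a threat-intel hash list

if __name__ == "__main__":
    for line in triage(BASELINE, CURRENT, KNOWN_BAD):
        print(line)
    print("sha256('hello') =", hash_via_temp_file(b"hello"))
```

On a Windows machine the records can be produced with `Get-Process` (whose `Path` property gives the image location) and `Get-FileHash`; the script only shows how to compare them. A HASH CHANGED finding on a binary at its usual path is most often a legitimate update, so the next step is checking the file's publisher signature rather than treating it as malicious; a NEW entry with a system-process name under a user profile directory is the case worth looking at first.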
Please sir, slow it down. First explain how do I even turn on the PC.
😂😂😂
😂
😭🤣🤣🤣
😂😂
What is a Microsoft?
Your videos are what inspired me to work in the security field! Thank you so much!
Nice, bro.
This was good. As a SOC analyst 1, I'm impressed by the tools you mentioned. Most people are clueless and I was expecting something like firewall rules for Windows. Wazuh is a great free SOHO SIEM by the way.
Sir, 4:10 how do you get a VirusTotal tab on the lower pane in Process Explorer?
Where do you see that? I don't see VirusTotal.
I’m not sure how to transfer USDT from TRX network to Binance using my address. My OKX wallet is linked to this seed phrase:
[summer] [topic] [topple] [similar] [physical] [seminar] [object] [upset] [deposit] [spot] [estate] [ripple]. Any advice?
What's the difference between the system suite and normal task manager?
Thanks for providing the Malwarebytes link. Also thank you to the Malwarebytes team for the free download.
Thanks man, I'm looking into choosing Network Operation and Cyber Security as my major and I wanna research it all.
no mention of intezer; do you not like them anymore?
I am a freshman in college going into cyber security. I have seen videos talking about the importance of getting an internship freshman year, but I am just starting out and wondering if it would be better to build up my skills or look for internship opportunities.
Your Process Explorer looks much prettier and more understandable. I just downloaded mine and it's nowhere near as organized as yours. How do I make it look like yours, like showing all the processes in a list? Also VirusTotal, I couldn't find it at all inside the options.
I love System Informer as an AIO tool
Nice! Could I suggest you please consider making videos for people on how to help their parents or elderly relatives understand cyber attacks and scams, perhaps a super simple animated video for elderly people too? It's such a real vulnerability in society and we'll all experience it in one way or another! Cheers
How do I analyze an 811MB ISO file which is supposed to be "AOMEI Partition Assistant 10.3.1"?
By opening it in HX editor, what else except for the dots which fill out the space should I be looking for?
Stay informed and stay ahead in the ever-changing world of cybercrime. Traditional educational institutions may not provide the cutting-edge knowledge needed to navigate this rapidly evolving landscape. To stay protected, you will need to be proactive in your approach to cybersecurity.
This requires continuously educating yourself on the latest threats, vulnerabilities, and mitigation strategies. Relying solely on what is taught in a classroom setting is no longer sufficient.
The onus is on individual users and businesses to take ownership of their cybersecurity posture. This means actively seeking out the most up-to-date information, tools, and best practices to safeguard against ever-morphing cyber threats.
By adopting a proactive mindset, you can position yourself and your organization to be more resilient and responsive in the face of emerging cybercrime trends. The alternative - falling behind the curve - can have severe consequences in today's hyperconnected, digital-first world.
Stay vigilant, stay informed, and stay ahead of the curve. Your cybersecurity future depends on it.
Does the machine and the heart have interactive understanding or misunderstanding categorically? There's the SA and AV like the brain neurons, why verdict, for a money making circus. I think I don't need that Abaddon type thing, I need a lunch for the launch for 2, thing. Y'know modern space tourism with the front desk attract.
What can be done to increase cyber security planet-wide in a few good steps?
Teach it in school. School programs are typically crap in many countries around the world.
Very interesting, thank you!
A little confused: so many are watching this video and nobody scans pestudio on VirusTotal or Hybrid Analysis and asks anything? Task failed successfully?
Hallo! Thx so much for this video.
I have a problem (adware, I guess). When my PC starts, it opens my browser with some random page. I tried various antivirus programs and they detect nothing. I would really appreciate any help. Thanks!
Does anyone know if Malwarebytes will clash with other AVs? I have F-Secure but I do like how effective Malwarebytes is.
Great video, I like it, it does help me to protect my PC and laptops.. 😊👍🏻
Can someone elaborate a little further on 3:48, where the application is suspected to be a trojan? Is it because it established a connection while showing no UI? Just wanna make sure I understand it, because if I were to install TCPView I think I would get confused about what would be considered suspicious behavior among other applications that were already running.
"Why does it need to communicate with a remote server?" is a good question to ask. It could be checking for updates, downloading additional malware, stealing data, sending telemetry... this is where investigation comes in.
That was helpful. Would be good to watch an advanced skills course.
I had something like a job interview; they called me, asked me a few questions, and now I start my training on Thursday and Friday. I'm only temporary for two weeks. Is that normal for an IT position?
What questions did they ask? What's your background? Is this a W-2 position? Legitimate business?
@shadow6543 If I knew how to repair computers and if I knew this. Then they said I start this Thursday and Friday for hands-on training. I told my professor; he said it sounds fishy.
Why does pestudio come up as suspicious on Hybrid Analysis?
Awesome Thank you for Sharing! 💯✴
Thanks for sharing knowledge mate.
Hello, I love your channel and I wanted to know if the Sysinternals Suite is safe. Thank you.
Very useful information, Leo. I trust you more than Kaspersky 😉
What did Kaspersky do that made you feel like you couldn't trust them anymore?
@cuddles1767 How do you know that? You mean like those Intel CPU backdoors Spectre and Meltdown?
@@Corteum It was a joke, forgot to mention, I use Kaspersky Premium ;)
Can I ask for a link to pestudio?
If I download a pirated software, and there's a malware, does it affect my computer immediately or after I install the software?
That's a fun question as it depends entirely on how the malware is designed. Some will start working immediately. Others will remain dormant for a pre-determined time or until certain conditions are met. That's just the inherent risk of pirating stuff. You never know what you're going to get.
@@JJFlores197 I'm really torn between pirating Adobe and buying the plan, because I don't want my PC getting affected by viruses.
this deserves the Likes and Subscribe
Appropriate advice if you want to gate yourself into a technical SOC Analyst job, which is the role that everyone thinks is super sexy. It's actually just the whipping boy for the SOC manager and will be 95% of the time just looking at a phishing email and wondering why people are so dumb.
If you want to go far in the industry then learn about business and how to translate technical analysis like this into business language, learn about the CIA triad and learn about how to secure systems against attacks.
Thank you so much for this. I don't like just relying on my AV; it's nice to have some other skills, slash options and methods, to keep your system safe. Thanks again.
So Microsoft owns the company that developed Sysinternals, right? Why didn't they make the tools a basic part of Windows?
Thanks for the video❤
The thing with the current state of Win10, and, of course, Win11 is the fact that even the system alone is "network active" (don't know how to phrase it better). I have been running PipeWire just to spot new activity, hoping to catch if something crappy has been triggered. Well... For the time being, the only wtf activity I've been getting is stuff like Windows connecting to some GameService junk.
Have I scanned my system with numerous AV software? Yes. Have I found something besides "boohoo, it's a torrent client"? No. Do I know why the hell MS stuff like that is running? No. And I'm pretty sure the Internet will tell me it's OK. Do I see Windows as my number one headache? Yup, I do. I didn't trigger it, nor do I actually know what it is, and most likely I don't use it.
And yes, I am well aware of Linux. But, sadly, Win and Mac have a strong hold on the software when it comes to manufacturers developing software.
Very useful information! Thank you for sharing!
Thank you for teaching basic analysis and showing how to do it.
Thank you for the information!
If it seems fishy, don't download it.
What if you are downloading a fish application?
Awesome content, thank you!🙏
Thx for the lessons 😎
My Malwarebytes won't even load the website or let me download the exe file. Why does yours load it?
When you have the paid version? The Browser Guard won't allow it (says it is a trojan).
Give Malwarebytes permission to allow the files.
Can you update your bio with the official links to the software used in the video?
I know I can find them on my own, but it would be nice to have them in case.
Also, is it normal for a Windows warning message to pop up for PEStudio when trying to run the exe?
These security tools should actually be provided by Microsoft, because I am more worried about them being the malware. Those functions mentioned are quite basic, such as external network connection monitoring. Microsoft should actually have something that allows the creation of eggshells. I.e. the program should not be able to access any resources outside of the eggshell. You should be able to define different kind of eggshells. Some eggshells should only allow local resources access and others may be only allow access to a few IPs. These eggshells should be assignable to different programs.
Man, thanks for this video.
What if Malwarebytes and HitmanPro can't detect the crypto miner malware?? I got 3 unnamed processes in the taskbar using high CPU and disk.
You probably installed some shady program which does not directly harm your data, so the AV didn't recognize it as a threat and let it go.
I gotta ask though, is MBAM really enough to remove malware that is already on someone's PC? I remember having a client complaining about his laptop running slow, or that his fans were active even though idle, so I installed Malwarebytes and another AV, ran them and updated drivers, etc. (the basics) and found nothing. I decided to install SpyHunter and it detected miners (best guess is that they came from the cracked games) and removed them, which fixed the issues.
BTW, Windows Sandbox, is it good for testing potentially bad stuff? Like if I run something to test and it happens to be ransomware, will it spread to the main system? I know the sandbox is meant to be isolated, but knowing it shares the network and who knows what, I've been wondering, would it be safe? I like it more than VMs because I just run it like any other app, it's fast to start up and I can check/do stuff quickly.
Some ransomware may detect that it runs in an isolated environment, sometimes called sandbox-evading malware. So it may PRETEND it is safe to run, but instead just lie low. Alternatively, if it has access to the network, it may steal some data and send it over the network, and pretend like nothing bad happened. Many different bad scenarios, so if nothing bad happened during the sandbox session, it doesn't mean the software is completely safe.
Very insightful video thank u
I have been trying to run Malwarebytes; regardless, the scan will stop at, say, 300,000 items but the time will still keep going up. Any idea?
You have to pay for it!
I started learning RE just because of this.
Which is the web browser that is used in this video?
I truly like this channel, this video is so educational. Thanks
Subscribed. You and myfdir are my go tos
Very helpful for noobs like me. Thanks 👍
I'm curious: do any of these showcased virus-detection tools detect a virus that can hide itself in the BIOS or other firmware?
No, these tools only interact with the operating system, but you might be able to see TCP and UDP connections made by the malware using Wireshark or other software. You can dump and hash your firmware and compare it to a hash of the actual firmware to see if it's been tampered with, but this can lead to false positives sometimes if you don't do it right.
@@scarytuber thx scarytuber
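The hash comparison described in the reply above, and the false positive it warns about, as an added example that is not from the video: a firmware image normally contains a block (NVRAM, boot settings) that legitimately changes, so hashing the whole dump flags every settings change as tampering. Hashing around that block separates "settings changed" from "code changed". Both images are constructed in memory, and the variable-region offsets are an assumption standing in for the layout you would read from the real flash descriptor; real dumps come from tools such as flashrom or CHIPSEC.

```python
"""Compare a firmware dump against a known-good image.

Added example, not from the video.  Both images are constructed in memory; the
"variable region" offsets are an assumption standing in for the NVRAM/settings
block a real image would have, which you would take from the flash descriptor
or the vendor's layout.  Real dumps come from tools such as flashrom or CHIPSEC."""
import hashlib

IMAGE_SIZE = 64 * 1024
# Constructed known-good image: deterministic, nothing secret about it.
REFERENCE_IMAGE = bytes(range(256)) * (IMAGE_SIZE // 256)
# Assumed layout: one (offset, length) block that changes on every boot-setting
# edit and must not count as tampering.
VARIABLE_REGIONS = [(0x1000, 0x400)]


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def hash_excluding(data, skip_regions):
    """SHA-256 of `data` with the (offset, length) ranges in skip_regions left out."""
    h = hashlib.sha256()
    pos = 0
    for start, length in sorted(skip_regions):
        if start < pos:
            raise ValueError("overlapping skip regions")
        h.update(data[pos:start])
        pos = start + length
    h.update(data[pos:])
    return h.hexdigest()


def differing_offsets(dump, reference, skip_regions, limit=8):
    """First `limit` byte offsets that differ outside the skipped regions."""
    def skipped(i):
        return any(s <= i < s + n for s, n in skip_regions)
    out = []
    for i, (a, b) in enumerate(zip(dump, reference)):
        if a != b and not skipped(i):
            out.append(i)
            if len(out) >= limit:
                break
    return out


def compare_firmware(dump, reference, variable_regions):
    """Classify a dump as identical, benignly different, or worth investigating."""
    if len(dump) != len(reference):
        return {"verdict": "size mismatch", "offsets": []}
    whole_match = sha256_hex(dump) == sha256_hex(reference)
    code_match = (hash_excluding(dump, variable_regions)
                  == hash_excluding(reference, variable_regions))
    if whole_match:
        verdict = "identical"
    elif code_match:
        verdict = "only variable regions differ"   # e.g. a changed BIOS setting
    else:
        verdict = "code regions differ"            # investigate before trusting
    return {"verdict": verdict,
            "offsets": differing_offsets(dump, reference, variable_regions)}


def settings_changed_dump():
    """Constructed dump: a few bytes inside the NVRAM block changed, nothing else."""
    img = bytearray(REFERENCE_IMAGE)
    img[0x1100:0x1104] = b"\xff\xee\xdd\xcc"
    return bytes(img)


def tampered_dump():
    """Constructed dump: two bytes patched in a code region (hypothetical)."""
    img = bytearray(REFERENCE_IMAGE)
    img[0x3000:0x3002] = b"\xeb\xfe"
    return bytes(img)


if __name__ == "__main__":
    for name, dump in (("pristine", REFERENCE_IMAGE),
                       ("settings changed", settings_changed_dump()),
                       ("tampered", tampered_dump())):
        r = compare_firmware(dump, REFERENCE_IMAGE, VARIABLE_REGIONS)
        print(f"{name}: {r['verdict']}  offsets={[hex(o) for o in r['offsets']]}")
```

The settings-changed dump fails the whole-image hash but passes the code-region hash, which is exactly the false positive the reply mentions; the tampered dump fails both and the reported offsets tell you where to look. The reference hash must come from a copy you trust (vendor image, or a dump taken before the machine was exposed), since a dump taken from an already-compromised system proves nothing.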
Short and sweet! Good to see you, as well.
Wow, very informative for people with very basic computer knowledge, thank you.
Thanks ❤
Where can I download TCPView?
I need an advanced skills video 🙏🏻 Let's stop all malware.
Sadly, we can't stop malware, as there will be hackers, and a lot of hackers who commit malware attacks are from Russia, North Korea or China, and the FBI doesn't have international arrest warrants for these countries.
I really love your video and especially I love this one so much because it teaches me a lot of stuff. I love cybersecurity and learning from you is a treasure!
Yeah, but on Windows 10 I have a gazillion svchost processes. Wtf should I do?
You normally shouldn't do anything about system processes. However, if you find your system works strangely, you might want to scan with an AV. You can also manually check every application installed and running with Task Manager (Windows' own, or the one from the Sysinternals software). You can CAREFULLY look through all drivers and services and suspend/disable/uninstall those that you REALLY don't need.
It might be time-consuming, so if your system is OK, then the best way is to just use it.
What's your wallpaper?
thanks learned something new please do a next level video
great suggestions
Thank you !!
Excellent content
As always very informative and useful.. Thanks!
loved the content
The site where you got the file from is down.
Thank you
My Malwarebytes doesn't look like yours, and there isn't an update available for me? I've got Premium, any help?
Open the settings, then go to Display.
@@ClaudeVanguard Still cannot see it, I only get the option to: change theme to Windows default, light or dark; choose background image; and hardware acceleration.
Thanks
I can't believe it. Microsoft Defender flagged a file today as malware.
Surprised that MS Defender works? Recent ratings show that it works, and not badly at all.
Use Linux instead of wasting time on the buggy, slow OS Windows.
@@Abdullahniazi-nj7fy Right, I forgot Linux has never had the most insane security holes ever... Oh wait! Keep being a delusional fanboy.
A Linux workstation requires even higher user skills. Normally only those skillful enough would be ready to move to Linux, or to use both OSes.
@@ТоварищКамрадовСоциалистКоммун No brother, everybody can easily use Linux if he/she wants to. 15 years ago I had the same thinking as you. But once I tried to start with Linux Mint, things got easier day by day. I know there are so many distros, but if you want to go from Windows to Linux, try Linux Mint or Deepin Linux at the start. You will definitely love them. But if you are already a user of any Linux distro, you can easily understand what I am saying. Even a dual-core system or Pentium 4 with 2 GB RAM: you won't find Linux buggy or slower, but with Windows 10 or Win 7 on 2 GB RAM and a dual-core system, the system gets heavier on every update. That's the reason I'm saying it.
Appreciate it☺️
Wow! I really need this, especially in the Web3 space! As a curious human who kinda likes to dig deeper, this really feeds my curiosity. A lot of people say never open links, but what if those links are safe? People need this kind of knowledge. Thank you!