A Malware Convergence at jIIr

I normally wait until my blog’s anniversary to post about the direction I want to take in the upcoming year. However, there has been a perfect storm brewing over at jIIr and the eye of the storm would have passed if I waited until my anniversary. As the New Year approaches I’m looking ahead to see the direction this blog will take. jIIr has always been a platform for me to share my thoughts and research, and this will not change. In the upcoming year I foresee some changes to the content I post due to the perfect storm that is occurring. The storm I keep referring to is the convergence of different areas in my life revolving around malware. In the upcoming year I’ll be involved in: authoring a Malware Forensic book, developing a Malware Analysis course, and taking on additional malware responsibilities with my employer.

People and organizations from all walks of life are combating malware on a daily basis. The majority of the security defensive controls are ineffective at stopping the malware since attackers are bypassing them with ease. Throwing additional security controls at the issue is not the answer. What needs to be improved is the response to the malware issue; where the systems impacted are actually examined. Examining systems is one way to obtain intelligence that could be used to improve security. The question then becomes what resources are available to those wanting to take the step to start examining malware infected systems. Do those resources outline not only the process to follow but the tools to use, artifacts to look for, artifacts meaning, and provide sample data to practice on. Well, I have not been able to locate a resource to my liking addressing malware examinations. So I decided to create one and what I just describe is a glimpse of the book I’m starting at some point next year.

My book is on hold because my current focus is on another endeavor. I am developing the Malware Analysis course for Champlain College’s Master of Science in Digital Forensic Science program. The course will cover a range of topics from malware fundamentals to memory forensics to malware forensics to malware analysis (reversing). It is an honor to be a part of Champlain College and I’m looking forward to do everything I can to put together a great course for an outstanding program.

Lastly, I am starting to take on additional malware responsibilities with my employer. jIIr has always been a personal blog and I never discuss the work I do for my employer. I will continue to have this boundary so I won’t elaborate on what my responsibilities are besides hinting at the fact malware will take up more of my time at my job.

This malware convergence means I will be living and breathing malware everyday and all day for the upcoming year. The little personal time I may have for research is going to be spent on different aspects of the malware issue. As a result, jIIr is going to be more focused on topics related to malware. I will try my best to mix in other content about DFIR or security but to be honest I don’t know if I will have the time. The perfect storm has arrived and I hope you stick around to ride it out.


Merry Christmas and Happy New Year.