Virtualization Technology News and Information
Kaspersky GReAT shares expertise on threat hunting with YARA in new online training course

Kaspersky is unveiling a new online self-study course entitled 'Hunt APTs with YARA like a GReAT Ninja.' Armed with this training, IT security professionals can learn from the Kaspersky Global Research & Analysis Team's (GReAT) best practices on threat hunting with YARA. In addition to the practical insights from the company's world-renowned cybersecurity experts, participants will also receive access to a special virtual lab, where they can practice their new skills by analyzing samples and testing YARA rules.

YARA is a unique tool that makes it easier to identify and classify new malware samples. With its help, security analysts can create certain patterns, or 'rules', and search for files that match them using security solutions or multi-scanner systems. By following a few basic guides, a researcher or security team can achieve a new level of knowledge in threat detection, mitigation and response.

In response to the global COVID-19 pandemic, Kaspersky has moved its training on YARA to an online format. The video course is authored by Kaspersky GReAT and provides first-hand recommendations on how to search for APT-related malware samples. It also discusses both new and existing zero-day exploits that the Kaspersky GReAT team has learned about following decades of threat research.

To reinforce knowledge gained from the course, the training also includes quizzes and the ability to practice in an exclusive virtual lab. Participants are offered over 20 practical exercises to test their YARA rules against real-life APT cases that Kaspersky's team has encountered during its work.

"YARA is an essential tool for discovering new, previously unknown attacks," comments Costin Raiu, director of the Global Research and Analysis Team at Kaspersky. "We have seen this in our own work and research, as it helped us investigate APT attacks, cybercriminal malware or zero-day exploits. With this new online training, we are excited to make our experience and knowledge available to a wider audience."

Kaspersky has granted free, early access to the course for individuals from a wide variety of non-profit and non-governmental organizations. This includes groups that focus on gender-based violence, human and digital rights, cybersecurity research, cyber policy and diplomacy, and supporting active and veteran armed forces personnel transitioning to roles in the IT security industry. Organizations with representatives participating in the training include Blueprint for Free Speech, Circle of Women in Cybersecurity (CEFCYS), Cyber Peace Foundation (CPF), DiploFoundation, Federal Association of Women's Counselling and Rape Crisis Centres (bff), GEODE, Institute for Strategic Research (IRSEM) and Sciences Po, and VetSec, Inc. Feedback from these organizations will help Kaspersky improve the training, and the knowledge gained by the participants will enhance both their ability to protect organizations from attacks and their threat hunting skills.

"The training will definitely add value to Cyber Peace Foundation's skills in terms of learning new technologies like YARA rules for malware investigation and the latest APT threat hunting techniques, in order to help our research team to dive deeper into the investigation and analysis of malware, exploits and zero days which can significantly impact the eKawach project," comments Vineet Kumar, President of Cyber Peace Foundation.

"The main purpose of the CEFCYS is to promote and increase women's leadership in cybersecurity jobs thanks to tangible actions, such as the development of mentoring, education and training programs. In this context, the YARA training program offered by Kaspersky to some of our members is a great opportunity and perfectly fits CEFCYS's purpose. The technical and practical aspects of this course are an interesting challenge that breaks preconceived ideas about the fact that cybersecurity technical issues should only be men's business. This online course will make it possible for CEFCYS members to increase their practical skills about data analysis and monitoring so they identify the chronology and the sources of threats and attacks. This program will probably help to excite the curiosity of other women, and to attract them so they discover other similar training courses oriented toward the technical aspects of cybersecurity," comments Nacira Salvan, Founder and President of the CEFCYS.

'Hunt APTs with YARA like a GReAT Ninja' is the first training course in Kaspersky's portfolio of education programs for security professionals that will be made available online. More information about the training course and registration is available at
Published Tuesday, September 01, 2020 8:38 AM by David Marshall