JSAC2026: Essential Workshops on Email Security and Malware Analysis

Basically, experts are sharing hands-on techniques to analyze malicious emails and malware at a cybersecurity event.

Quick Summary

At JSAC2026, cybersecurity experts shared valuable techniques for analyzing malicious emails and malware. Participants learned hands-on skills to better protect themselves and their organizations. These workshops highlight the importance of staying informed in an ever-evolving cyber threat landscape.

What Happened

At JSAC2026, cybersecurity professionals gathered to enhance their skills through various workshops. These sessions focused on analyzing malicious emails and reverse engineering malware, providing practical insights for incident response. The workshops featured expert speakers who shared their knowledge and tools to tackle real-world threats.

The first workshop, led by Manabu Niseki and Michał Praszmo, centered on using the EML Analyzer to triage malicious emails. They began by explaining email architecture and attack techniques, emphasizing the importance of understanding email headers. Participants learned about authentication technologies like SPF, DKIM, and DMARC, which help verify the legitimacy of emails. In the second half, attendees engaged in hands-on analysis using the EML Analyzer, an open-source tool that helps visualize email data.

The second workshop, conducted by Mark Lim from Palo Alto Networks, focused on advanced malware reverse engineering. Participants examined two malware families, specifically GuLoader and Gremlin, in a multi-stage attack scenario. Lim guided them through the analysis of VBS files, PowerShell scripts, and shellcode, while also addressing anti-analysis techniques. This step-by-step approach reinforced both conceptual understanding and practical skills.

Lastly, Akihiro Yoshitake and his colleagues introduced a workshop on analyzing .NET AOT malware. They explained the challenges of working with binaries that lack the IL code and metadata found in traditional .NET malware. Through hands-on exercises with tools like Ghidra and IDA Pro, participants learned to identify functions and improve code readability, ultimately enhancing their analysis capabilities.

Why Should You Care

Understanding how to analyze malicious emails and malware is crucial for anyone who uses technology today. If you rely on email for communication or use software on your devices, you could be a target for cyber threats. Learning these skills can help protect your personal information and your company's data.

Think of it like learning to recognize a phishing email or a suspicious software download. Just as you wouldn’t open a door to a stranger, you shouldn’t click on unknown links or attachments. By attending these workshops, participants are better equipped to defend themselves and their organizations against cyber attacks.

What's Being Done

The JSAC2026 workshops are part of a broader effort to enhance cybersecurity skills among professionals. Experts are actively sharing knowledge and tools to combat evolving threats. Here’s what participants and organizations can do right now:

  • Engage in hands-on training sessions to improve skills.
  • Utilize tools like EML Analyzer, Ghidra, and IDA Pro for practical analysis.
  • Stay updated on the latest malware trends and techniques.

Experts are watching for advancements in malware techniques and the effectiveness of new analysis tools as they emerge.

🔒 Pro insight: The focus on EML analysis and .NET AOT malware reflects a critical shift in attack vectors — expect increased targeting of these areas.

Original article from JPCERT/CC
