Why you should wipe the drive after a malware infection

Think you’ve completely removed all traces of that malware that infected one of your organization’s computers? Maybe not. Many types of malicious software leave behind small but important configuration changes that will allow them to infect the machine all over again in the future, and these can be very hard to detect. This series of articles over on the SANS Internet Storm Center (ISC) site shows how several of those misconfigurations work.

Four parts have been published:

https://isc.sans.edu/diary/Wipe+the+drive+Stealthy+Malware+Persistence+Mechanism+-+Part+1/15394

https://isc.sans.edu/diary/Wipe+the+drive+Stealthy+Malware+Persistence+-+Part+2/15406

https://isc.sans.edu/diary/Wipe+the+drive!++Stealthy+Malware+Persistence+-+Part+3/15448

https://isc.sans.edu/diary/Wipe+the+drive%21++Stealthy+Malware+Persistence+-+Part+4/15460

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top