About the Author:

Gary Golomb is a student of the InfoSec Institute and has enjoyed a technical and cutting-edge career in the security industry. Golomb is a Lead Research and Development Engineer at NetWitness Corporation where he has focused on reverse engineering and advanced pattern isolation and detection algorithms in executables, host processes, and network traffic, with several patents pending.

He has previously served as the founder of Proventsure (acquired by NetWitness), Director of R&D for the Dragon IDS at Enterasys Networks, and lead IT Forensics Investigator for the George Washington University (GWU). Academically, Mr. Golomb worked in the field of bioinformatics and proteomics, and developed an algorithm for identifying unknown proteins.

Mr. Golomb served in the U.S. Marine Corps as a Recon Marine in a direct action platoon in the 2nd Force Recon Company and deployed internationally as part of the Special Operations team of the 24th Marine Expeditionary Unit.

Mutexes, part two: Using WinDbg to Begin Reverse Engineering Unknown Malware from Memory

Part Two in a multi-part series on holistic, multi-disciplinary analysis and reversing.

You can read part one of this series here.

The last post, “Mutex Analysis: The Canary in the Coal […]

Mutexes, part one: The Canary in the Coal Mine and Discovering New Families of Malware

Part One in a multi-part series on holistic, multi-disciplinary analysis and reversing.

This post is based on a presentation I gave at the last Thotcon, but was really prompted by […]