Recorded Live: June 28, 2011
Click here to view this ISSA Web Conference On-demand
Web Conference Overview:
Malware has been around for some time now and does not seem to be going away – in fact it is becoming more prevalent and dangerous with malware releases now exceeding those of legitimate software. Malware is a contaminant, a spy, and a resource thief that can leave your system damaged, your confidential information compromised, and your organization and users a source of harmful worms, Trojan horses, and viruses. How can you keep track of new malware threats, how do you know you have been attacked, how did you get attacked, and what are the impacts or ramifications of the new malware threats? Our speakers will address the current malware threats while giving insight into these questions and much more.
Paul Williams - Executive Director of Security Services - White Badger Security
Presentation Overview: When Anti-Virus Software Doesn’t Work: Detecting the Undetected
This session is an overview of the technical challenges involved in detecting Advanced Persistent Threat (APT) malware that is not detected by anti-virus software, intrusion detection systems, log analysis, or other traditional best-practice defenses. Learn why mitigating APT malware may be a better strategy than attempting to remove it. Finally, discover just how difficult it can be to prevent the return of the same or newer, more powerful malware. This session is based on recent large-scale enterprise case history examples the presenter has been involved in.
Speaker Biography: Paul Williams is Executive Director of Security Services for Pennsylvania-based White Badger Security. Williams has thirty-five years of breakthrough innovation in cyber security, artificial intelligence, high speed databases, software quality test engineering, and defense related technologies. An expert in rapidly solving complex cyber crime investigations through a variety of innovative techniques, Williams is an active public speaker who has conducted scores of high profile cyber-security speaking engagements nationally and internationally every year. Williams maintains and grows his personal collection of 24,000 computer viruses and 1,700 Trojan Horses for advanced research purposes.
Joseph Opacki – Malware Technical Program Manager, Operational Technology Division - Federal Bureau of Investigation
Malicious code continues to evolve in an effort to avoid detection by anti-virus products and bypass the security controls of common operating systems. This presentation will discuss current trends in malicious code as well as techniques used to detect and analyze malicious code that avoids anti-virus detection. Additionally, the number of malicious code samples in the wild is far more than any one team of analysts can manually analyze, so techniques for automation and correlation of analysis will be discussed and a tool that performs this analysis will be presented.
Speaker Biography: Joseph Opacki is the Technical Program Manager of the Investigative Analysis Unit's Malware Analysis Program at the Operational Technology Division, Federal Bureau of Investigation, where he has been employed since 2004. Opacki is also an Adjunct Professor at George Mason University, where he teaches reverse engineering in the Master of Computer Forensics program. Previously, he worked for the Defense Intelligence Agency, the Bureau of Diplomatic Security at the U.S. Department of State, and left the United States Marine Corps with the rank of Sergeant. Opacki has a Bachelor of Individualized Study in Multimedia Software Design from George Mason University and a Master of Information Technology from the Virginia Polytechnic Institute and State University.
Jeff Michael - Senior Systems Engineer, FireEye
Whether driven by the art of deception or the need for deception, cyber criminals are taking a much more covert approach to exploiting and infecting systems. Malware is increasingly sophisticated and difficult to detect, using social engineering and leveraging more mainstream applications such as the web and email. Trojans, bots, spyware, rootkits, and advanced persistent threats are just some of the attacks targeting the network every day. Attendees will gain a thorough understanding of modern malware and its implications. This will also include tips on uncovering infected machines and preventing data theft. This session will outline the primary phases of the modern malware infection lifecycle, the goals of each phase, and a better way to protect a company's network.
Speaker Biography: Jeff Michael is a long-time security professional with over 10 years in penetration testing, security assessments, malware reverse-engineering, and forensics investigations. Michael has written numerous security courses and has been a presenter at a large number of conferences and shows. Classes that he has written include "Security Open Source", "Hacking Exposed", and "Forensic Analysis 101". He is considered a subject matter expert in computer forensics and investigations. These investigations have included Malware Infections, HTTP code review, Malware analysis, Virus/Trojan analysis, social engineering, and several other techniques. He has worked as a Senior Security Consultant for FireEye, NetWitness, NetForensics, Verisign, ISS, and other security firms. Michael attended Purdue University and holds a bachelor's degree in Electrical Engineering. He holds the following certifications: CISSP, CCSI, CCSE+, CCSE, CCSA, NSA, NCSE, NCSA, ICE.