Forensics -- Tracking the Hacker
2-Hour Live Event: Tuesday, November 17, 2015
Start Time: 9:00 a.m. US-Pacific/ 12:00 p.m. US-Eastern/ 5:00 p.m. London
Who hacked the infrastructure? Was it the Red Hacker in the kitchen with a copy of Burp Suite, the Green Hacker in the coffee shop with a copy of Cain & Abel, or the Blue Hacker in the back of his car? The tools they use are often intriguing, but the greatest curiosity among most of us is usually "How were they caught?" This session will discuss some of the tools used for hacking and some of the forensic tools and techniques that are used to catch the hackers.
Allan Wall
Senior Consultant, Information Risk Management, HP Enterprise Security Services
Allan Wall has been working in the IT industry for more than 25 years, and 19 of those years include experience in the field of information security as a practitioner and manager. He has been involved in the project management of numerous security software implementations, development and integration of information security policy, product training, and pre- and post-sales security consulting for many international and UK enterprises.
Allan appears regularly as a presenter at information security events and as a workshop facilitator. He has been a guest lecturer for the MSc in Information Security at Royal Holloway, University of London, where he completed studying full-time for a Master's in Information Security in 2010.
A CISSP for more than 12 years, he is a Founder Associate Member of the Institute of Information Security Professionals, a Fellow of the British Computer Society, and a part of the ISSA UK Chapter management team. In addition to his Master's in Information Security, Allan has a BSc in Biochemistry and Genetics and a Post-Graduate Certificate in Education from Newcastle University (UK).
Dave Aitel
CEO, Immunity, Inc.
Dave Aitel is an offensive security expert whose company, Immunity, Inc., consults for major financial institutions, Fortune/Global 500s, etc.
At the age of 18, he was recruited by the National Security Agency where he served six years as a “security scientist” at the agency’s headquarters in Fort Meade, Maryland. He then served as a security consultant for @stake before founding Immunity in 2002.
Today, Dave’s firm is hired by major companies to try to hack their computer networks - to find and fix vulnerabilities that criminal hackers, organized crime, and nation-state adversaries could exploit. Immunity is also a past contractor on DARPA’s cyber-weapons project known as Cyber Fast Track. The company is well-known for developing advanced hacking tools used by the security industry, such as Swarm, Canvas, Silica, Stalker, Accomplice, Spike, Spike Proxy, Unmask, and, most recently, Innuendo, the first US-made nation-grade cyber implant with Flame/Stuxnet-like malware capabilities. Immunity has offices in Florida, D.C., Canada, Italy, and Argentina. eWeek Magazine named Dave one of “The 15 Most Influential People in Security.” He is a past keynote speaker at BlackHat and DEFCON. He is a co-author of “The Hacker’s Handbook,” “The Shellcoder’s Handbook” and “Beginning Python.” He is also the founder of the prestigious Infiltrate offensive security conference and the widely read “Daily Dave Mailing List,” which covers the latest cybersecurity news, research and exploit developments.
Michael Gough, CISSP, CISA, CSIH
Malware Archaeologist and Researcher, Founder, Malware Archaeology, LLC
Michael has 20 years of experience in IT and Information Security. He is currently in the Healthcare sector. Michael has served as a senior security consultant for Hewlett Packard and other consultancies, as a security analyst in the financial and health care sectors, and for the State of Texas. He now focuses his talents as a Blue Team Defender, Incident Responder, malwarian fighter, and malware archeologist, protecting his employer from nefarious ne'er-do-wellers.
With a partner, Michael also ran the BSides Texas Conference entity for six years with events in Dallas, Houston, San Antonio, and Austin, and he led the BSides Austin Conference, helping the community improve their information security talents. In 2012, Michael is credited with discovering malware impacting the gaming industry known as WinNTI, 10 months before Kaspersky released their public report on WinNTI. Michael also discovered and exploited a major Card Key system flaw back in 2010, which can be found on YouTube.
In addition, Michael is co-creator of LOG-MD, a free Windows logging and malicious behavior discovery tool that helps Blue Teamers and Incident Responders improve their Windows logging and discover malicious behavior and malware. Michael also created the Malware Management Framework, a process to help discover and manage malware programs. Lastly, Michael developed several “Windows Logging Cheat Sheets” to provide a starting point on detailed logging for Windows hosts, all of which can be found on his website: MalwareArchaeology.com
Ronald L. Chichester, J.D., CISA
Attorney at Law
Experienced in all areas of law involving computers and networks. Particular specialization in computer security, computer crimes, incident response, electronic discovery, computer forensics, intellectual property (patents, copyrights, trademarks and trade secrets), analysis and comparison of source code (for copyright infringement and trade secret misappropriation), electronic commerce, identity theft, technology licensing (especially software), data privacy, corporate espionage, database protection and Internet domain name disputes. Former Adjunct Professor of Law at the Univ. of Houston where he taught courses on Intellectual Property, Computer Crime and Electronic Commerce.
Ron is a computer forensic examiner and expert witness for electronic discovery and copyright infringement cases involving computer source code. Thirty-six years of software programming experience. Able to read and to write computer software applications (for desktops and servers) in a variety of languages. Adept at making database-oriented software programs for Internet applications. Writes his own software applications for specialized electronic discovery and computer forensic matters.
Ron holds a Juris Doctorate from University of Houston, and an M.S. and B.S. in Aerospace Engineering from University of Michigan.