PRESENTATION: Advanced Persistent Threat: Out-of-band Techniques from the Past, the Present and into the Future
PRESENTERS: Shane Macaulay and Scott Larson
CONFERENCE: The United States Cyber Crime Conference 2014
LOCATION: Leesburg, VA, US
DATE & TIME: April 29, 2014 at 9:00 AM
In this presentation, Shane and Scott will look at malware analysis using hands-on tools and techniques derived from their extensive experience. Combined, Shane and Scott have over a decade’s worth of experience working on engagements in the private sector as well as 25 years working on advanced intrusion investigations in the FBI, joint Department of Defense investigations, the Honeynet Project, and corporate Advanced Persistent Threat (APT) investigations. Their experience spans health care, medical devices, the energy and financial sectors as well as the next ring of targets in the global marketplace outside of the defense and technology sectors.
Shane and Scott will present a detailed examination of various heuristics, reverse engineering, and customized forensic techniques for cloud, network gateway, and host-based systems using anonymized case studies, demonstrations, and technical discussions.
About Shane Macaulay
Shane Macaulay is the Director of Cloud Services for IOActive and is experienced in enterprise-level network and application assessment and consultation.
Macaulay takes a deep, broad approach to security and has worked with every major UNIX distribution, Microsoft platform, and networking operating system. He has contributed to the security community by way of various papers, books, and technical applications, and he has discovered numerous compiler bugs (both native and managed), one of which was used to win the non-obvious source code backdoor contest at DefCon 2010.
Macaulay is an alumni member of the international security group The Honeynet Project and has worked with IBM, Bloomberg, @Stake/Symantec, financial exchanges/firms, and many high-tech industry giants.
About Scott Larson
Scott Larson is a digital forensics, cyber security, cyber crime, and cyber espionage expert who serves as a trusted team member for Fortune 500 companies, law firms, medical non-profits, and governments in data preservation, incident response, and other complex technical, legal and regulatory issues. He worked APT before it was coined APT. Mr. Larson has served as a Court Neutral Expert in the Congressman Jefferson case and as the FBI’s expert for a hack into the U.S. Supreme Court and hacking cases of presidential and congressional campaigns. In 2011, he participated in the White House’s National Security Council’s Botnet Mitigation Working Group. Other work includes audit committee investigations, cutting-edge research and development, lab build-outs, embedded staff forensic/analytic knowledge transfer, and out-of-band APT mitigation and remediation through custom techniques. While in the FBI, Mr. Larson led FBIHQ’s Computer Investigations and Infrastructure Program responsible for the operations, personnel, and program budget for the entire FBI. Mr. Larson led the computer portion of the Robert Hanssen spy case and advised the US Attorney’s Office in the Donald Patrick Reagan spy case. He represented the FBI in the G8 and Interpol working groups and participated in numerous DoD investigations and training programs.
About The United States Cyber Crime Conference
The U.S. Cyber Crime Conference is continuing the 12-year tradition of success established by the former DoD Cyber Crime Conference. To keep up with the global cyber threat, the conference is expanding its objective and direction to empower the civilian, defense, and government digital forensics communities (legal, IT, and Criminal Investigative) to team together in the battle against cyber crime. The NEW U.S. Cyber Crime Conference is solely owned and produced by eventPower.
This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics facing defenders as well as law enforcement responders. All aspects of computer crime will be covered, including intrusion investigations, cyber crime law, digital forensics, information assurance, along with research and development, and testing of digital forensic tools.
About IOActive
IOActive is a comprehensive, high-end information security services firm with a long and established pedigree in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment through to semiconductor reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.
-###-