Bummer! Sales have ended.
Unfortunately, tickets for this event are no longer on sale.
Come join us for an evening of exploring the common methods used by the "Comment Crew" (APT1) when commiting cyber espionage. Learn how how this threat operates and how to better protect your organization.
For the past few years, Dave has been involved in examining intrusions by a group informally known as Comment Crew -- which are now better known as 'APT1' following the recent release of the report from Mandiant. This group falls into the class of the 'Advanced Persistent Threat' and are known to use compromised web sites to supply command/control to compromised systems.
The talk contains a live demo of an annotated attack against a fictitious company, using custom malware and metasploit. It shows how attackers initially compromise a system, supply commands, install additional malware, gain privileges in post-exploit and loot the network for fun and profit!
This talk is targeted toward beginner/intermediate security practitioners and provides an overview of these types of attack. Whether you are simulating an APT style attack as a penetration tester or trying to defend your organization against similar threats this talk is a great starting point. Depending on interest it will be possible to focus some of the talk on the demo-malware code itself.
Dave Ockwell-Jenner has an extensive background in technology: from building one of the Internet’s earliest major web sites, to helping secure some of the world’s most critical systems. He has led the development of solutions for some of Canada’s most prominent technology companies, including Research In Motion and Nortel. He currently works for a Swiss-based company that specializes in IT and communications for the Air Transport Industry. In this role he has focused on designing and delivering the company's secure software development lifecycle. Through this, Dave regularly trains developers in secure software techniques, and has co-authored the SANS course on Developing Defensible Java EE Solutions. Dave also runs a boutique security consultancy called Prime Information Security, concentrating on information security within Small-to-Medium Businesses. He is a security blogger for TELUS and also co-founded a business networking organization called the Small Business Community Network (SBCN).