SC Congress – Day 2 – 11:30am – “Forensics”


KPMGDay 2 – Wed June 12 2013:
11:30am – “Forensics”, hosted by Ron Plesco, managing director, cyber investigations/risk consulting, KPMG

Ron provided a great presentation. He walked the audience through a few examples of malware, how they work and how to detect and clean systems that have been infected (rebuild!). I really want to get the slides for this presentation. I will link to them here if/when I obtain them.

Ron started by giving an overview of Leprechaun Lite, which is a 2 year old malware package that is used to intercept banking info. He explained how it worked and he walked through an example of the malware capturing user data.

Ron shared a fantastic Jimmy Kimmel Anonymous video from YouTube. Too funny! This video was referring to OpUSA, which was supposed to occur on May 7 2013.

Ron summarized the best approach to stopping hackers: “Think like a hacker!” We (as in government, business infosec personnel, law enforcement, etc.) need to be skilled resources who think like hackers, not like PEN testers. That’s the only way we’re going to identify and fix threats before the damage is done.

Ron walked us through the investigation steps for an information security incident. The full steps are exhaustively highlighted in the National Institute of Standards and Technology’s (NIST) Computer Security Incident Handling Guide.

Overall, this was a fantastic presentation: plenty of great material, articulate and engaging speaker and interesting topic.

Advertisements
About

Author, Geek, CF fundraiser & Cancer Survivor. My wife & kids, faith, baseball, infosec & devops are a few of my favorite things.

Tagged with:
Posted in technology
3 comments on “SC Congress – Day 2 – 11:30am – “Forensics”
  1. Push says:

    Reblogged this on Push's InfoSec Corner @push_everything and commented:
    You knew, with all the current events, that something like this was coming.

  2. Push says:

    That video was hilarious! Thanks for sharing Todd!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: