Skip navigation
  • RSA Conference Twitter
  • RSA Conference Facebook
  • RSA Conference RSS
  • RSA Conference Youtube
  • RSA Conference Flickr
  • RSA Conference LinkedIn
  • RSA Conference iTunes
RSA Conference > Connect > Blog > Tags > hackers_and_threats
Up to Blog Posts in Connect
1 2 Previous Next

Connect

26 Posts tagged with the hackers_and_threats tag
0

Mitja Kolsek, Chief Executive Officer, Acros Security

 

Mitja Kolsek.bmpThose of you familiar with binary planting and DLL hijacking already know that hundreds of applications can be tricked into executing DLLs and executables from remote servers. However, there’s much misunderstanding when it comes to hard technical details. This session will provide concrete instructions and tips for developers, researchers and whitehats with exploit scenarios.

 

In over 12 years of security addiction, Mitja Kolsek has perforated an array of business-critical products, computer systems and protocols by leading software vendors, searching for atypical vulnerabilities and effective ways of fixing them. Kolsek’s passion is security research, discovering new types of security problems, such as “session fixation”, and new twists on the known ones, such as “binary planting”.

 

Download <05:30>

508 Views 0 Comments 0 References Permalink Tags: hackers_and_threats, rsa_conference, podcast, rsac2012, mitja_kolsek, rsa_conference_2012, san_francisco
0

Lukas Hasik, QA Director, Avast Software
Jiri Sejtko, Senior Virus Analyst & Researcher, Avast Software

 

Web-based malware silently waits between the user's machine and the malware distribution servers and is mostly used to mediate local machine infection. The number of infected websites is growing each year and the popular mantra of "browsing known websites is safe - threats come from pornographic and warez sites", is no longer true.

 

hasik_lukas.jpgLukas Hasik is head of Quality Assurance in Avast Software, creator and developer of the leading avast! antivirus. Lukas holds a masters degree in Computer Science. Before joining Avast he spent almost ten years in Sun Microsystems working on various tools for Java developers. Lukas presented about testing, quality assurance, Java tools and platforms on conferences around the world.

 

 

 

 

 

 

 

 

 

 

 

 

 

sejtko_jiri.jpg

Jiri Sejtko is a Senior Virus Analyst & Researcher at the Virus Lab of AVAST Software.  Jiri started working in the Virus Lab in 2006 while studying at the Czech Technical University in Prague. He completed his masters degree in 2009, which researched recognition of encrypted executable files. His work currently targets non-executable malware including web-based malware and exploits. He focuses on the design and programming of the script-scanning elements of the anti-malware scanner and heuristic module.

 

Download <6:26>

605 Views 0 Comments Permalink Tags: hackers_and_threats, podcast, ht1_303, rsac2011, jiri_sejtko, lucas_hasik, rsac11thu
0

Richard Howard, Intelligence Director, iDefense

 

This talk is a discussion about current cybersecurity trends identified in 2010 and manifested in 2011 across the spectrum of cybercrime, cyber war, cyber espionage, cyber hacktivism and cyber terrorism.

RichardHoward.jpgRick spent five years working as the iDefense Intelligence Director and is now the General Manager. He served in the US Army for 23 years and retired as a lieutenant colonel in 2004. He spent the last two years of his career as the US Army's Computer Emergency Response Team Chief (ACERT) coordinating network defense, network intelligence and network attack operations. Rick holds a Master of Computer Science degree from the Naval Postgraduate School and an engineering degree from the US Military Academy, where he also taught computer science later in his military career. He has published many papers on technology and security and most recently contributed as an Executive Editor to the first book published by Verisign / iDefense: “Cyber Fraud: Tactics, Techniques and Procedures.”

 

Download <6:03>

735 Views 0 Comments Permalink Tags: hackers_and_threats, richard_howard, podcast, rsac2011, rsac11fri, ht1_403
0

Roel Schouwenberg, Senior Anti-Virus Researcher, Kaspersky Lab

 

Why attack Windows directly - when attacking Adobe is more effective? Over early 2010, Kaspersky Lab found that almost 50% of detected exploits target Adobe Reader. We will look at the attacks against Adobe software over 2010, as well as improvements Adobe may have made in H2 2010. We end the talk with predictions for 2011 and beyond, based on the above research. Will Adobe remain the main target?

 

Roel-Schouwenberg(3).jpgAs a Senior Anti-Virus Researcher for Kaspersky Lab Americas, Roel Schouwenberg is part of Kaspersky’s Global Research and Analysis Team where he monitors the state of malware in North America, providing advanced analysis of the threats that exist. Within this realm, he focuses on classic virus techniques that are used in today's malware and improving proactive detection capabilities. Additionally, Roel conducts research into file format vulnerabilities such as malicious PDFs. Roel has nearly a decade of malware research and analysis experience in his role as a Senior Anti-Virus Researcher. He is also a founding member of the Anti-Malware Testing Standards Organization (AMTSO) and currently serves as part of AMTSO’s Board of Directors.

 

Download <11:04>

655 Views 0 Comments Permalink Tags: hackers_and_threats, ht1_201, podcast, rsac2011, roel_schouwenberg, rsac11wed
0

Adam Meyers, Director, Cyber Security Intelligence, SRA International

 

As mobile computing devices proliferate the enterprise, more people are raising flags about mobile device security.  One device that is dominant in the enterprise mobile computing world is the ubiquitous BlackBerry®, which has quite a bit of Fear, Uncertainty, and Doubt surrounding its security controls. This presentation aims to set the facts straight by going to the source - literally.

 

Adam Meyers is the Director of Cyber Security Intelligence with the National Products and Offerings Division of SRA International. Mr. Meyers serves as a senior subject matter expert for cyber threat and cyber security matters for a variety of SRA projects. Mr. Meyers provides both technical expertise at the tactical level and strategic guidance on overall security program objectives.

 

Download <5:13>

744 Views 0 Comments Permalink Tags: hackers_and_threats, adam_meyers, podcast, rsac2011, rsac11tues, ht2_107
0

Dawn Cappelli, Technical Manager, Carnegie Mellon University Software Engineering Institute
Joji Montelibano, Insider Threat Security Analyst, Carnegie Mellon University, SEI, CERT Program

 

CERT has developed strategies to help organizations combat insider threat, based on a database of over 400 actual cases and with over nine years of research. To test these proposed strategies, CERT created the Insider Threat Lab to simulate events from actual cases. This panel will present three of these simulations and demonstrate how to best deploy countermeasures against malicious insider IT sabotage activities.

 

Joji Montilebano.jpgJoji Montelibano is a member of the Insider Threat team at CERT. He has over 15 years experience in the fields of software development, network engineering, and security. He began his career as a developer for the petroleum and chemical industries, where he created customized simulation programs for companies such as Shell Oil, Sunoco, and Foster Wheeler. Prior to joining CERT, Joji was a Senior Information Security Analyst for the RAND Corporation, where his main projects focused on securing and ensuring the availability of military networks and communications. He holds an undergraduate degree in Chemical Engineering from Stanford University, and Master’s degrees from Harvard University and the University of Southern California. His certifications include the CISSP, CSTE, CCNP, and ACSA.

 

 

 

Dawn_Cappelli.jpgDawn Cappelli, CISSP, is Technical Manager of CERT’s Enterprise Threat & Vulnerability Management team and the Insider Threat Center at CERT, in Carnegie Mellon’s Software Engineering Institute. Her team assists organizations in improving their security posture and incident response capability by researching threat areas; developing assessment methods; and providing information for preventing, detecting, and responding to illicit activity. Dawn’s focus has been insider threats since 2001, including threat analysis and modeling; assessments; and insider threat workshops. Dawn has 30 years experience in software engineering, technical project management, and information security. Before joining CMU in 1988 she worked for Westinghouse as a software engineer developing nuclear power systems.

 

Download <12:23>

755 Views 0 Comments Permalink Tags: hackers_and_threats, ht2_108, podcast, dawn_capelli, rsac2011, joji_montelibano, rsac11tues
0

Uri Rivner, Head of New Technologies and Identity Protection, RSA, The Security Division of EMC

 

The cybercrime battlefield is changing. Employees, not networks, are now in the front. State-of-the-art trojans, stealthy infection and social engineering plague every Fortune 500 company. What do cybercriminals steal? How do they monetize it? Is it time for a new defense doctrine? In this talk, the RSA Cybercrime Lab will share new research, insights, and nerve-wracking evidence of data already in the wrong hands.

 

thumb_39696_Uri_Rivner.jpgBio: Uri Rivner is responsible at RSA for moving Cybercrime-fighting innovations from concept to reality. He was a key player in the development of risk-based authentication, the RSA eFraud Network and other anti-Cybercrime technologies now used by thousands of organizations worldwide. Rivner joined RSA through the acquisition of anti-fraud company Cyota, where he gained a deep perspective on international fraud. He writes blogs at Finextra (http://www.finextra.com/community/blogs.aspx?mem_id=39696) and RSA Speaking of Security (http://www.rsa.com/blog/blog.aspx?author=rivner)

 

Download <16:06>

627 Views 0 Comments Permalink Tags: hackers_and_threats, uri_rivner, podcast, rsac2011, rsac11wed, ht1_203
0

Janice Niederhofer, Chief Executive Officer and Founder, Peerage Consulting, Inc.

 

Engaging an online predator requires strategic communication skills. Unlike face-to-face communication where body language, voice qualities and language patterns are easily accessible, online communication demonstrates unique challenges. If your intention is to engage, communicate, draw-out and stop an online cyber predator, this presentation is for you.

 

janice_niederhofer.jpgJanice Niederhofer is a retired Special Agent with the Drug Enforcement Administration (DEA);  an internationally acclaimed master communicator/negotiator/interrogator/body language expert training people all over the world, including law enforcement agencies at all levels.  Janice seamlessly blends years of scientific knowledge and real world experience into disarmingly entertaining and mind-stretching presentations.  She cuts to the chase, delivering a high impact, content rich message, leaving you armed with the tactical advantage over your competitors.  Nowhere else will you find this rare blend of a brilliant storyteller with a knack for finding humor in the most unlikely situations, delivering powerful concepts through suspense laden true-life stories from her colorful career.

 

Download <10:06>

616 Views 0 Comments Permalink Tags: hackers_and_threats, podcast, rsac2011, janice_niederhofer, rsac11fri, ht1_401
0

Abhilash Sonwane, Vice President, Product Management and Technology, Elitecore Technologies

 

This session will depict a detailed research into the social media presence of a random sample of 20 businesses and their employees who are active on social networks. The objective is to map out the DNA of the organization, and demonstrate the relative ease with which applications such as Twitter and Facebook can be leveraged to gather advanced business intelligence.”

 

Abhilash V. Sonwane is VP of Product Management and Technology for Cyberoam, a division of Elitecore Technologies Pvt. Ltd, where he is responsible for the product and technology direction of the Cyberoam product line of Unified Threat Management appliances and network security products. Abhilash has around 11 years of experience in developing products & solutions for networking and computer security technologies. Abhilash’s excellent grasp of the security industry and in-depth technical knowledge has been instrumental in the evolution of the Cyberoam brand worldwide.

 

Download <7:06>

1297 Views 0 Comments Permalink Tags: hackers_and_threats, podcast, social_media, rsac2011, abhilash_sonwane, rsac11tues, ht1_107
0

Denis Maslennikov Senior Malware Analyst, Kaspersky Lab

 

The second session illustrates how Russian cybercriminals are utilizing mobile malware to generate profits and take advantage of Russian laws.

 

DenisMaslennikov.jpgDenis Maslennikov was born in 1987. Denis has been with Kaspersky Lab since the beginning of 2007. Working initially as a virus analyst, he is responsible for monitoring the threat landscape, with a specific interest in mobile malware, IM threats and ICQ spam. He became a senior malware analyst in 2008. From 2009 Denis has been heading the Mobile Research Group. He also acts as an expert in the main trends of malware development. Denis joined Global Research and Analysis Team in 2010.

 

Download <8:28>

650 Views 0 Comments Permalink Tags: hackers_and_threats, malware, podcast, rsac2011, denis_maslennikov, rsac11tues, ht1_106b
0

Gopinath K.N. Director, Engineering, AirTight Networks

 

Today, it is well known that wireless is indeed a threat to enterprise network security. However, empirical data that provides insights into the degree of wireless threats in an enterprise is still lacking. This session presents what we believe to be the first-ever empirical analysis of enterprise wireless threat space based on customer deployments.

 

Gopi.jpgGopinath KN has more than 13 years of experience in systems, networks and security. He has devoted the previous eight years to understand wireless security issues and build cutting-edge security systems. He has several patents and technical publications to his credit. Gopi is a speaker, instructor and an author. He has delivered multi-day training sessions and speaks frequently at popular international conferences. Gopi is a regular contributor to several influential technology publications. He has been a member of Bell Labs research, MH, NJ, USA and is currently, Director of Engineering at Airtight Networks. Gopi holds a Master of Technology (MTech.) degree from IIT Kanpur, India.

 

Download <8:36>

691 Views 0 Comments Permalink Tags: hackers_and_threats, podcast, rsac2011, gopinath_kn, rsac11thu, ht1_304
0

Dr. Herbert "Hugh" Thompson, Chief Security Strategist at People Securitysmall.crystalball.JPG

 

Stuxnet, rumblings of cyber-war, the wikileaks aftermath: 2010 has been a tumultuous year for security. Looking forward, cloud-based security is real, mobile device security is moving from interesting to in-plan, privacy is hot, hacktivism is serious, and new security legislation is around the corner. What’s next? What will 2011 hold? Join RSA Conference’s Program Committee Chairman for a look towards the future.

 

small.DSC00787.JPGDr. Herbert "Hugh" Thompson is Chief Security Strategist at People Security and a world-renown expert on application security. He has co-authored several books on the topic and has written more than 80 academic and industrial publications on security. In 2006, he was named one of the "Top 5 Most Influential Thinkers in IT Security" by SC Magazine. He is also adjunct faculty at Columbia University in New York where he teaches courses on computer security. Hugh Thompson is also the Chair of the RSA Conference Program Committee.

 

View Presentation <49:47>

1778 Views 0 Comments Permalink Tags: hackers_and_threats, hugh_thompson, webcast
0

Greg Day, Director of Security Strategy, EMEA McAfee

 

small.hiding.JPGWith some of the largest high tech companies being compromised by Operation Aurora early in 2009 you may wonder if no one is safe from targeted attacks. With APTs come yet a new slew of security solutions. Do we really need yet more security? This session will examine how we actually stop such attacks - and how they can bypass existing security controls. This session was one of the highest rated sessions from RSA Conference Europe 2010.

 

small.greg-day.jpgGreg Day is director of security strategy for McAfee, driving the enablement of business solutions for strategic customer accounts, channel partners and sales teams. He is also the primary analyst of security trends and McAfee strategy in the region. Greg has taken an active role in promoting awareness of today's broader security challenges and has played a key role in a range of initiatives designed to highlight and address these issues, both today and in the future.

 

Greg has since held a number of different roles within McAfee. He was instrumental in founding the company's best practices team and has also worked as a global solutions architect, providing senior consultancy to McAfee's blue chip customers and high-security government offices and remains an active member of McAfee Labs, the company's global threat analysis and response team. He is the EMEA lead for McAfee's cybercrime fighting initiative, working closely with law enforcement agencies, government and private sector groups to tackle and educate on this growing threat.

 

View Presentation <50:11>

1005 Views 0 Comments Permalink Tags: hackers_and_threats, greg_day, rsace2010
0
Joshua Wright
Senior Security Analyst, InGuardians
Senior Instructor, SANS Institute

ZigBee is a vital component of several emerging technologies including smart grid systems, bridging the devices in your home with the electric utility. With the rush to deploy this technology, few organizations have examined the security threats in this wireless protocol. In this session, wireless security expert Joshua Wright will present findings for the security analysis of multiple ZigBee implementations, releasing the KillerBee attack framework designed for pentesting ZigBee technology.

Joshua Wright is a Senior Security Analyst with InGuardians, Inc. and a Senior Instructor with the SANS Institute. A widely recognized expert in the wireless security field, Josh has worked with private and government organizations to evaluate the threat surrounding wireless technology. As an open-source enthusiast, he has developed a variety of tools that can be leveraged to evaluate and exploit weaknesses in complex systems.

Download <8:44>

1272 Views 0 Comments Permalink Tags: hackers_and_threats, 2010, joshua_wright, podcast, zigbee_wireless
0

Mark Risher, Sr. Director of Product Management, Yahoo! Inc.

Hackers and Threats Track

 

Abstract:  Like all Web-based email providers, Yahoo! must contend with attempts to use fraudulently-obtained accounts for abusive purposes.  In this session, Yahoo!’s “Spam Czar”, Mark Risher, and its Director of Anti-Spam Engineering, Vish Ramarao, will discuss how the company used the Apache Hadoop grid computing platform to detect and mitigate these attacks, and provide stories of the intricate cat-and-mouse games played with these insidious spammers.

 

Risher_sized.JPGAs Senior Director of Product Management for Yahoo! Mail, Mark Risher leads product development for the infrastructure, anti-spam, and delivery systems of the one of the world’s leading Web mail services, with 300 million global users. Also known as Yahoo’s “Spam Czar,” Risher coordinates R&D efforts across Yahoo! to wage war on spam and cyber abuse. In addition to technology solutions, Risher works on researching emerging spam trends and developing cutting edge spam-fighting technology.

 

 

 

Watch the Presentation < 8:26 >

849 Views 0 Comments 0 References Permalink Tags: hackers_and_threats, spam, 2010, ht1-301, mark_risher
1 2 Previous Next

Popular Blog Posts