A deep look into a Chinese advanced attack. Understand it, learn from it and how to detect and defend against attacks like this. - Michael Gough Derbycon 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)


Length: 50 mins

Many say the Chinese are behind many attacks on US companies. In this case, it is true. The Chinese have been successfully attacking this industry for years. We managed to detect and eradicate their attacks year after year and they up their game each time. The latest attack is more sophisticated and avoided many techniques we used to detect them in the past, but not all. What if I were to tell you that I could infect your management, backup and Anti-Virus software and use it to persist my malware on reboot? This talk will describe what the malware did, how it works, where it hides, how it persisted and how we detected it. We must learn from and understand advanced attacks to better defend ourselves from these persistent adversaries. This talk will discuss what tools worked and why as well as walk you through what the malware did in detail.

Michael is an information security professional, blue team defender, malware archaeologist and logoholic. Michael discovered a flaw with cardkey systems and vulnerabilities with leading security products which led to responsible disclosure. Michael developed the "Malware Management Framework" to improve malware discovery and detection and response capabilities. Michael authored the "Windows Logging Cheat Sheet" to help the industry understand Windows logging, where to start and what to look for. Michael's background includes 20 years of security consulting for Fortune 500 organizations with HP, health care, financial and gaming industries. Michael also ran BSides Texas for five years for the Austin, San Antonio, Dallas and Houston cons. Now Michael defends against malefactors and ne'er-do-wellers trying to p0wn their employer's assets.

@HackerHurricane
