News Releases

Seven Members of Trustwave's SpiderLabs to Speak at DEF CON 18

Written by | Jul 21, 2010 6:19:00 AM

Industry Experts Discuss Cloud Computing, Mobile Devices, Smartmeter Technology, Targeted Malware and Advanced Cyber Forensic Investigation Techniques

CHICAGO (July 21, 2010) -Security experts from Trustwave, the leading provider of information security and compliance solutions, will deliver multiple briefings at DEF CON 18 in Las Vegas, July 30 through August 1. The presentations will be delivered by members of SpiderLabs, the advanced security team at Trustwave responsible for incident response and forensics, penetration testing and application security, and security research.

David Bryan will present Cloud Computing, A Weapon of Mass Destruction? which will review common attack types and how they can be used to disrupt service. He will also review the steps that lead organizations to choose the cloud computing environment, why these environments are good for most businesses, but why they may not meet your regulatory requirements. He will then review mitigation strategies and response programs that can reduce the operational risks when responding to these events.

Nicholas J. Percoco and Christian Papathanasiou will present This is Not The Droid You're Looking For... which will look at the Android smartphone device-platform and potential security vulnerabilities. The presentation will unveil a kernel-level Android rootkit in the form of a loadable kernel module. As a proof of concept, it is able to send an attacker a reverse TCP over 3G/WIFI shell upon receiving an incoming call from a 'trigger number.' This ultimately results in full root access on the Android device. This will be demonstrated live.

Barrett Weisshaar will present The Night the Lights Went out in Vegas - Demystifying Smartmeter Networks, which will look to give the audience a primer on the smartmeter technology that is being deployed in today's utility networks. The presentation will offer a brief history of pitfalls in such technologies, the results of field testing in such an environment in order to highlight security strengths and weaknesses and suggestions for future improvement.

Malware Freakshow 2 will be presented by Nicholas Percoco and Jibran Ilyas, which will expand upon their initial Malware Freakshow presentation delivered at DEF CON 17. This year's talk will explore four new pieces of malware that were obtained during hundreds of compromise investigations conducted by Trustwave's SpiderLabs over the last year. The presentation will include the anatomy of a successful malware attack, a profile on each sample and victim, and a live demonstration of each piece of malware.

Brandon Nesbit will deliver The Games We Play, which will take an in-depth forensic analysis of video games and the systems on which they're played. The presentation will be to identify the types of information useful to a forensics investigation and any other bits of personal information that are found within popular gaming consoles.

SpiderLabs' Chris Pogue will present, Sniper Forensics, which will look at live analysis tools and techniques to target only the systems that are part of a breach. Pogue's presentation will introduce live analysis tools and techniques that can be used by incident responders in their case work to extract more pertinent evidence in less time with more efficiency not available through any other means. Pogue will provide tips, tools, and real world examples of how Sniper Forensics is helping to change the landscape of modern forensic investigations.

David Bryan will also deliver The Keys to Running a Successful DEF CON Group, which will help attendees organize a successful local DEF CON group. The presentation will provide some pointers for capturing people and how to keep them coming back.

"It's incredible to have seven members of our SpiderLabs team present at DEF CON," says Robert J. McCullen, chairman and CEO of Trustwave. "By educating the public about new hacking techniques we're hoping organizations better position themselves against such attacks to better protect their data and consumers' data."

"One of the core goals of the SpiderLabs team is to always explore the latest technology through the mind of a hacker," says Nicholas J. Percoco, senior vice president of SpiderLabs. "By presenting at a premier event like DEF CON, it forces us to continually dig deeper to bring our customers and the security community interesting and relevant topics to discuss."

About Trustwave

Trustwave is a leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions including SIEM , WAF , EV SSL certificates  and secure digital certificates . Trustwave has helped hundreds of thousands of organizations-ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers-manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com/en-us/.