May 22-25th, starts at Monday, 9:00AM
Enfuse™ is a security and digital investigations conference organized by LIFARS partner, Guidance Software. It is a global event where security experts gather around and discuss the recent trend in the industry and try to solve the problems.
Learn more about Enfuse here.
Founder and CEO at LIFARS LLC
Digital Forensics Examiner at LIFARS LLC
Software Security Engineer at LIFARS
Digital Forensics and Cyber Security Examiner at LIFARS
Digital Forensics on Compromised Web Applications
Presenters: Ondrej Krehel and Michal Hojcska
SamSam ransomware was deployed via web attack with webshell included, and FBI flash alert was released. This lab will cover the way to discover compromise within web applications on both Windows and Linux servers. This includes remote code injection, database manipulation, and remote shell exploits. Various investigative techniques will be presented and analysis of forensics artifacts explored. Database systems connectivity will be explored within web applications, and various scenarios of exploitation and investigation will be presented.
Incident Response, The First 24 Hours
Presenters: Paul Kubler, Sewook Seo
This session will go over the immediate response to a data breach or cyber security incident. From evidence collection and preservation to volatile data analysis and client management. Various tools will be introduced such as wireshark, systools, nirsoft, volatility, and other utilities. Investigator has to address, among others artifacts, threat intelligence, attribution. Attackers TTP, initial vector of compromise, indicators of compromise, and volatile data preservation. The session will take a close look at dynamic security analytics tools to act effectively in a breach case.
Topic: Digital Forensics, Incident Response