Enfuse Conference

May 22-25th, starts at Monday, 9:00AM

Enfuse™ is a security and digital investigations conference organized by LIFARS partner, Guidance Software. It is a global event where security experts gather around and discuss the recent trend in the industry and try to solve the problems. 

Learn more about Enfuse here.

Ondrej Krehel

Founder and CEO at LIFARS LLC

Paul Kubler

Digital Forensics Examiner at LIFARS LLC

Michal Hojcska

Software Security Engineer at LIFARS

Sewook Seo

Digital Forensics and Cyber Security Examiner at LIFARS

Digital Forensics on Compromised Web Applications

Presenters: Ondrej Krehel and Michal Hojcska

SamSam ransomware was deployed via web attack with webshell included, and FBI flash alert was released. This lab will cover the way to discover compromise within web applications on both Windows and Linux servers. This includes remote code injection, database manipulation, and remote shell exploits. Various investigative techniques will be presented and analysis of forensics artifacts explored. Database systems connectivity will be explored within web applications, and various scenarios of exploitation and investigation will be presented.


Incident Response, The First 24 Hours

Presenters: Paul Kubler, Sewook Seo

This session will go over the immediate response to a data breach or cyber security incident. From evidence collection and preservation to volatile data analysis and client management. Various tools will be introduced such as wireshark, systools, nirsoft, volatility, and other utilities.  Investigator has to address, among others artifacts, threat intelligence, attribution. Attackers TTP, initial vector of compromise, indicators of compromise, and volatile data preservation.  The session will take a close look at dynamic security analytics tools to act effectively in a breach case.


Topic: Digital Forensics, Incident Response