SANS Las Vegas from October 26-27th will debut a new course titled "Embedded Device Security Assessments for the Rest of Us" which will teach students how to assess embedded systems of all varieties on pen tests and in your duties as a security professional. Register Here
Announcements & Shameless Plugs
PaulDotCom Security Weekly - Episode 267 for Thursday November 16th, 2011.
- Check out our new shows: Hack Naked TV with John Strand, Hack Naked At Night with Larry and Darren, PaulDotCom Espanol with Carlos Perez, and our only non-computer security related show dedicated to Cigar Enthusiasts Stogie Geeks with Paul Asadoorian and Tim Mugherini.
- Larry is teaching SEC580 Metasploit Kung Fu for Enterprise Pen Testing in San Antonio, TX December 4-5. Tell them that NYC is where Salsa is being made now. Want 10% off of every class in San Antonio? Use the discount code Larry-SA10.
- Don't forget to Read our blog, Participate on our mailing list, Visit PaulDotCom Insider, Follow us on Twitter, Join the IRC channel at irc.freenode.net #pauldotcom, Watch our Videos and Add us on Facebook where we can be "friends"
- BSides, BSides, BSides everywhere
Guest Interview: Simple Nomad
6:00 PM EDT
Simple Nomad (aka Mark Loveless) is an old school hacker with a varied background that includes a focus in network-based intrusions and defenses. He does not have a security product, book, or service to sell, but at Mitre Corporation, he focuses almost exclusively on what has become known as "the APT", or Advanced Persistent Threat. His background and keen interest in network intrusions and defense, along with such topics as cryptography, reverse engineering, and covert channels have made his day job seem more like a fun hobby than work. When not behind a computer keyboard, he is behind a stack of musical keyboards, playing for the avant-garde metal band Dei Aemeth, and with his own industrial metal band, Cryptonomicon.
Guest Tech Segment: Chris Pogue
Chris is a Senior Security Consultant for the Trustwave SpiderLabs, a Former US Army Signal Corps Warrant Officer and Member of the United States Secret Service Miami Electronic Crimes Task Force, and is Author of “Unix and Linux Forensic Analysis” by Syngress. Chris is on to give us an overview of his forensic methodology known as Sniper Forensics, whose users include both the FBI and the United States Secret Service.
- Why do you consider digital forensics tougher than other forensics fields?
- What's "Shotgun Forensics" and "Sniper Forensics"?
- What are the Guiding Principles for Sniper Forensics?
- Bring us thru Timeline Analysis - what it is and why its important.
- How have attackers changed with respect to memory dumping and other operations?
- Tell us what 3 things all malware must do.
- What are some good tips for malware that's packed or obfuscated?
- Nick indicated there were some interesting cases you were working on. Please share!