Announcements & Shameless Plugs
PaulDotCom Security Weekly - Episode 268 for Thursday December 1st, 2011.
- Check out our new shows: Hack Naked TV with John Strand, Hack Naked At Night with Larry and Darren, PaulDotCom Espanol with Carlos Perez, and our only non-computer-security show, dedicated to cigar enthusiasts: Stogie Geeks with Paul Asadoorian and Tim "BugBear" Mugherini.
- Larry is teaching SEC580 Metasploit Kung Fu for Enterprise Pen Testing in San Antonio, TX December 4-5. Want 10% off of every class in San Antonio? Use the discount code Larry-SA10.
- Don't forget to read our blog, participate on our mailing list, visit PaulDotCom Insider, follow us on Twitter, join the IRC channel at irc.freenode.net #pauldotcom, watch our videos and add us on Facebook where we can be "friends".
- BSides, BSides, BSides everywhere
Guest Interview: Scott Moulton
6:00 PM EDT
Scott Moulton is known both for his trademark 'Forensic Unit' hat and his uncanny knack for finding new data recovery techniques the other experts don't want you to know. Scott is the owner of My Hard Drive Died.com and fills his days recovering data from all kinds of storage devices, testifying in court, and teaching others to do data recovery.
- Tell us about cell phone provider retention periods. Are you surprised by Wired's findings?
Guest Tech Segment: Chris Pogue
Chris is a Senior Security Consultant for Trustwave SpiderLabs, a former US Army Signal Corps Warrant Officer and member of the United States Secret Service Miami Electronic Crimes Task Force, and the author of “Unix and Linux Forensic Analysis” by Syngress. Chris is on to give us an overview of his forensic methodology known as Sniper Forensics, whose users include both the FBI and the United States Secret Service.
- Why do you consider digital forensics tougher than other forensics fields?
- What's "Shotgun Forensics" and "Sniper Forensics"?
- What are the Guiding Principles for Sniper Forensics?
- Bring us through Timeline Analysis - what it is and why it's important.
- How have attackers changed with respect to memory dumping and other operations?
- Tell us what 3 things all malware must do.
- What are some good tips for malware that's packed or obfuscated?
- Nick indicated there were some interesting cases you were working on. Please share!