The South Florida ISSA September 2010 meeting will be held on Thursday, September 16, 2010 from 3:30pm - 5:30pm at Nova Southeastern University - Carl DeSantis Bldg - Room 1124.
Topic: A Look Inside the PDF Attack Vector
Many organizations regard Portable Document Format (PDF) files as a trusted and benign file type and accept them as the De-facto standard for publishing, and exchanging information via email attachments, the Internet, and just about every electronic media sharing technology available. PDF files are generally not regarded by these organizations as a powerfully enriched document format with an ever growing and expanding functionality, but regarded more in the sense of an enriched text but benign document format. The real truth behind PDF files is they are a very feature rich document format with capabilities built into PDF reading applications such as a JavaScript Engine, media playing functionality, data compression routines, and several application level access capabilities. Criminal organizations and Malware authors have coupled this established trust and acceptance of the PDF file format with their expanded knowledge of the PDF file specifications to create new vectors of attack against our networks and end users. This presentation covers what a PDF file is, PDF available functionalities, the vectors for attacks used by Malware authors in the past, the forensic investigation tools that can be utilized to find these attacks, and a demonstration of new vectors that have yet to be fully taken advantage of by Malware authors, but could very easily be to increase the effectiveness of their Malware distribution and infection rates.
Jeremy Conway is a Senior Security Researcher for NitroSecurity where he performs threat and security research to drive new product development and enhancements. Previously Jeremy was a Senior Information Technology Security Engineer within the NASA Integrated Service Network (NISN). Jeremy’s formal education includes a Masters Degree in Information Security Management from Colorado Tech and a Bachelors degree Computer Science with a Minor in Mathematics from the University of Alabama. Jeremy's professional certifications include: the CISSP, MCSE:Security 2003, SnortCP, Certified Reverse Engineer Analyst (CREA), GIAC GSEC and GISSP, CCNA, Certified Ethical Hacker (CEH), and Certified Security Analyst (ECSA).
Topic: Recent Windows Exploits - DLL Hijacking & Anti-Virus Surprise
Computer users have an abundance of tools to protect them from viruses, malware, and exploits. All it takes is 1 exploit to own a machine and render all the tools ineffective. Marketing budgets exist to sell security tools but they may not be accurate in the way they present the effectiveness of the tools you rely on for your protection. In this presentation, we will explore 2 of the recent exploits including .dll hijacking as well as an exploit from the past and discuss how all the tools on your machine may be asleep on the job.
Jason Malley, CISSP is a South Florida Native who is a Compliance Analyst for a Fortune 500 Company. He has a diverse background from working on Wall Street computer networks to providing consulting regarding compliance and security to several local South Florida companies headquartered here. Jason is a member of ISC2, ISSA, Infragard, and HackMiami.
FREE CPE CREDITS! Did you know you earn 2 CPE credits for attending an ISSA Meeting? If you are a CISSP and you provide your CISSP number at registration, we will submit your CPE credits automatically for you.
This event will be held at:
NOVA SOUTHEASTERN UNIVERSITY
Room 1124, Carl DeSantis Building, Main Davie Campus
3301 College Ave Fort Lauderdale, FL 33314-7796
Phone: 800-541-NOVA (6682)
