Program Overview
FIRST Technical Colloquium
Mr. Aldo ALBUQUERQUE (Tempest), Mr. Ricardo ULISSES (Tempest)
In this presentation we explore the Brazilian cybercrime underbelly and expose its guts. Gathering information of 4 years of ongoing monitoring and analysis, we bring to light data and metrics on general cybercrime activity in the country and provide plenty of real examples of enterprises carried out by the miscreants which run the scene. The full picture shows a diverse, creative and sometimes advanced scenario, with heavy use of social engineering techniques and automation.
October 27, 2014 15:00-16:00
Case Study: How Network Forensics saved an ISP
Mr. Javier ROMERO (JaCkSIRT)
This is a case where early days of packet capture and network forensics helped to legal department of an ISP to save the company against a accusation of a DNS Cache Poisoning Attack in its infraestructure.
Este es el caso de los primigenios días de la captura de paquetes y la investigación digital de la red y de cómo ayudaron a un departamento legal de un ISP a construir sus argumentos a favor, luego de ser acusados por irresponsable inseguridad en sus sistemas DNS por un supuesto ataque de envenenamiento de caché.
October 27, 2014 11:45-12:30
Incident Handling Coordination and Cooperation: Lessons Learned from the 2014 World Cup
Ms. Hoepers CRISTINE (CERT.br/NIC.br)
Since 2012 Brazil has had four Major Internacional Events that required Incident Handling Coordination among the CSIRTs established in the Country. In this presentation we will share some lessons learned from these events from the point of view of cooperation of the various teams in the Country, and how events like "hacktivism" and the media interest impacted the daily operations.
October 27, 2014 16:30-17:00
Report on the IGF Best Practices Forum
Ms. Cristine HOEPERS (CERT.br/NIC.br)
Internet Security and Stability has been a growing topic of interest in the Political Arena, specially in the Internet Governance related forums and discussions. In April 2014 the NETmundial Event brought together more than 100 countries to discuss the future of the Internet, and Security and Incident Response were some of the Major Topics. This discussion lead to the creation of the Best Practices Forums at the Internet Governance Forum. This presentation will give an overview of these activities so far and discuss the activities planned for the next year regarding Best Practices for the Creation of CSIRTs for Internet Security.
October 27, 2014 09:15-09:45
Summer of Breaches: Lessons Learned from US-CERT
Mr. Omar CRUZ (US-CERT)
Brief Summary (Abstract): During the summer of 2014, US-CERT played a role in identifying and responding to multiple major breaches of private and sensitive information at US companies and government agencies. This talk will provide an overview of the major incidents we have recently dealt with, US-CERT's role, and how we handled each one. This is a unique opportunity for US-CERT to share some of our lessons learned from handling multiple high-profile incidents simultaneously while still striving to look out for new threats and attack campaigns.
October 27, 2014 11:00-11:45
