Program Overview

• Adventures in DDoS Analysis

  Ms. Melanie RIEBACK (Radically Open Security)

  Dr. Melanie Rieback is the CEO/Co-founder of Radically Open Security, the world's first not-for-profit computer security consultancy company. Previously, Melanie was an Asst. Prof. of Computer Science at the Free University of Amsterdam (VU) who performed RFID security research (RFID Virus and RFID Guardian) that got worldwide press coverage, and won several awards (VU Mediakomeet, ISOC Award finalist, NWO I/O award, IEEE Percom Best Paper, USENIX Lisa Best Paper). She also worked as a Sr. Engineering Manager on XenClient at Citrix, where she led the Citrix Vancouver office. Melanie was also a Sr. Managing Consultant in the Cyber Crime Expertise and Response Team (CCERT) at ING Bank, where she set up the CCERT Analysis Lab and was the lead technical project manager on the ING Core Threat Intelligence Systems. For fun, she founded the Dutch Girl Geek Dinner in 2008. Melanie was also named 2010 ICT Professional of the Year (Finalist) by WomeninIT, and one of the "400 most successful women in the Netherlands" by Viva Magazine (Viva400) in 2010.

  October 14, 2014 12:15-13:15

• CERT-GOV-GE

  Mr. David KVATADZE (LEPL Data Exchange Agency)

  October 14, 2014 10:15-10:30

  cert-gov-ge_services_first.pdf

  MD5: 33bb3160e81c8f4eddc851dcf1d689d2

  Format: application/pdf

  Last Update: June 7th, 2024

  Size: 3.78 Mb

• Defense of your Energy sector through good incident response

  Ms. Margrete RAAUM (Statnett)

  The energy facilities are increasingly being the target for attacks. With the nature of the systems and the criticality of the services, doing good incident response and having a trust network is becoming increasingly important. We will look at some incidents and some learning processes.

  Margrete Raaum has worked on information security since 1998. She has worked for the Education sector, the ISP community as well the Norwegian Security Authority and National CERT, NSM/NorCERT. She now works for Statnett, the Norwegian Transmission System Operator, on risk assessment and incident response. She is elected member of the board of directors of FIRST leading the work in the energy sector working group.

  October 14, 2014 14:45-15:30

  raaum-incidentresponse.pdf

  MD5: 43228e3e4ad9ef15b647d389c1f862e3

  Format: application/pdf

  Last Update: June 7th, 2024

  Size: 1.33 Mb

• Presentation by the Ukrainian National CERT

  October 14, 2014 16:15-17:00

  2014_first_symposium_tbilisi.pdf

  MD5: f10261311b30696429cb9d34d4d0690f

  Format: application/pdf

  Last Update: June 7th, 2024

  Size: 1.65 Mb

• Shadowserver Report Processing and Analysing System

  Ms. Inna KHOLODOVA

  The increase of different types of malware and compromised hosts requires appropriate actions from network operators. Monitoring systems are necessary to identify such treats.
  Shadowserver Foundation reporting service provides free-of-charge reports on malicious activity. These reports are important to detect vulnerable hosts and mitigate further attacks such as DDoS, Botnet C&C, drones, clickfrauds, compromised systems all over the world. CERT-AM is subscribed to Shadowserver reports and receives country level statistics on all collected data. The introduced software has been developed to distribute this important information to local ISP and operators.

  October 14, 2014 15:30-15:45

  shadowserver_for_share.pdf

  MD5: a872eba3218e92953d416dd97b0a4d02

  Format: application/pdf

  Last Update: June 7th, 2024

  Size: 1.2 Mb

• Snake aka Uroburos - The Big Picture

  Mr. Andrzej DERESZOWSKI (SIGNAL 11)

  The talk will be about an advanced cyber espionage tool used in targeted attacks across Europe. The information about the use of the tool has first hit the public beginning 2014 with a series of disclosures published by security companies and independent researchers. A lot of information has been published since. We will have a look through all this trying to make a bigger picture of Snake-related operations and developments.

  The author is an independent security consultant working for big organizations across Europe. He specializes in malware analysis and APT hunting. In his spare time he is a security researcher and developer of malware analysis tools. He is an active member of the IT security community and promotes sharing of threat intelligence. He is also an occasional speaker at security conferences – he spoke at Black Hat, RECON, TechEd, NATO Cyber Defense Workshop and others.

  October 14, 2014 10:45-11:45

  turla-operations_and_development.pdf

  MD5: e7177c9e12c511d93fd8b4a4cd8fdfed

  Format: application/pdf

  Last Update: June 7th, 2024

  Size: 1.77 Mb

• 2014 FIRST Symposium, Tbilisi
  • Program Overview
  • Travel Information