Monthly Archives: January 2009

Upcoming Jan & Feb Events Where We Are Presenting Research

We're sharing our research at the upcoming ISOI6, the US Dept of Defense Cyber Crime conference, Internet2 Joint Techs, and at ShmooCon. If you are attending any of those events, we'd love to meet you in person! Alex talks about McColo, I'll be discussing Web malware in government networks, Stu covers the latest in malware obfuscation tactics, and Julia dives into the Srizbi botnet takedown. For dates, times, topics, and locations, please read on.

A few more details for those in the area / attending:

Internet Security Operations and Intelligence (ISOI) 6

Jan. 29 in Dallas, TX

Alex speaks on the topic of McColo on Jan 29 at 15:30.  He'll discuss our efforts in working with coordinating bodies of the Internet and the press to facilitate the disconnection of McColo from the Internet. He'll also discuss how McColo (and botnet C&Cs hosted there!) re-connected to the Internet and what the bot herders may have done during that brief time.

U.S. Department of Defense (DoD) Cyber Crime Conference 2009

Jan. 30 in St. Louis, MO

I'll be speaking on the topic, "Web Malware: Combating the New Keys to the Kingdom."  My session is this Friday, Jan 30 from 11:00 to 11:50 a.m. as part of the Information Assurance Track. I'll cover the threat and how today's countermeasures have been largely ineffective in preventing both the initial Web malware intrusions and the subsequent call backs to C&C infrastructures. I'll also examine the malware infection cycle and discuss how government agencies can take preventative measures.

Internet2 Joint Techs

Feb. 4 in College Station, TX

Stu's speaking on the topic, "Web Malware Tech: Obfuscation and other Evasion Techniques". His session is next Wed, Feb 4 from 8:50am till 9:10am, where he talks about the increasing criminal sophistication of Web malware. He covers how a deadly cocktail of threats, such as phishing spam containing URLs that load Web pages laced with obfuscated code, has made almost all security technologies obsolete. For example, pretty much all serious Web malware infections use obfuscation as a way to infiltrate via port 80.

ShmooCon 2009

Feb. 6 in Washington, DC

Julia's session (The Srizbi Botnet Takedown) is during the Main Track day on Feb 6 at 17:00.  Julia covers how FireEye was able to hijack the Srizbi botnet, which was responsible for about 75% of all of the spam worldwide.

Hope to see a few of you there!