Get a MacBook Air with Online Courses Now

SANS 2013

Orlando, FL | Fri, Mar 8 - Fri, Mar 15, 2013

Social Zombies: Rise of the Mobile Dead

  • Kevin Johnson & Tom Eston
  • Monday, March 11th, 7:15pm - 8:15pm

Just when you thought "bath salts" were turning innocent humans into flesh eating zombies in Florida... mobile devices have begun taking over the world like an infectious zombie virus outbreak. Tablets and mobile phones are being used by everyone today and are more powerful than ever before. The technology implemented in these devices is truly bleeding edge. From new wireless technology like NFC (Near Field Communication) to social networks being integrated directly into mobile operating systems, the times are rapidly changing. These new technology advancements also introduce privacy and physical security concerns not seen before. In addition, with new technology comes new responsibilities and challenges for security professionals and consumers alike, especially in a world of BYOD.

In this presentation Kevin and Tom explore and exploit the new technology being implemented by these mobile platforms. They have discovered interesting security and privacy issues with Android Jelly Bean, Apple iOS 6, OS X Mountain Lion, NFC, and many popular mobile applications. New tools and exploits will be discussed that can be used by penetration testers to exploit these new technologies. Kevin and Tom will also discuss strategies to combat the ensuing mobile device onslaught. This information alone will help you to survive the ÔRise of the Mobile DeadÔ.

About Tom Eston:

Tom Eston is the manager of the Profiling and Penetration Team at SecureState. Tom leads a team of highly skilled penetration testers that provide attack and penetration testing services for SecureState's clients. Tom focuses much of his research on new technologies such as social media and mobile applications. He is the founder of SocialMediaSecurity.com which is an open source community dedicated to exposing the insecurities of social media. Tom is a security blogger, SANS Mentor, co-host of the Social Media Security podcast, and is a frequent speaker at security user groups and worldwide conferences including Black Hat, DEFCON, DerbyCon, Notacon, SANS, OWASP AppSec, and ShmooCon.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into four categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
Sunday, March 10
Session Speaker Time Type
General Session - Welcome to SANS Dr. Eric Cole Sunday, March 10th, 8:15am - 8:45am Special Events
There's a reason they're called persistent. H. Michael Nichols, Technical Product Manager Sunday, March 10th, 12:30pm - 1:15pm Lunch and Learn
Dream Big Suliman Al-Mazroua Sunday, March 10th, 12:30pm - 1:15pm Lunch and Learn
Fortinet Next Generation Firewalls Infogressive Founder & CEO Justin Kallhoff Sunday, March 10th, 12:30pm - 1:15pm Lunch and Learn
The Good, the Bad and the Broken Bill Olson, CISSP - Subject Matter Expert for VM Sunday, March 10th, 12:30pm - 1:15pm Lunch and Learn
Splunk Lunch & Learn Sunday, March 10th, 12:30pm - 1:15pm Lunch and Learn
Rapid7 Lunch & Learn Paul Chu Sunday, March 10th, 12:30pm - 1:15pm Lunch and Learn
APT: It is Not Time to Pray, It is Time to Act Dr. Eric Cole Sunday, March 10th, 7:15pm - 9:15pm Keynote
Project Management Approach to Yearly PCI Compliance Validation Michael Hoehl Sunday, March 10th, 7:15pm - 7:55pm Special Events
Phish Stories: Technical Intervention when Humans Fail Rich Graves Sunday, March 10th, 8:00pm - 8:40pm Special Events
Small Business: The New Target -- What Can They Do? Robert L Comella Sunday, March 10th, 8:45pm - 9:30pm Special Events
Monday, March 11
Session Speaker Time Type
Vendor Solutions Expo Monday, March 11th, 12:00pm - 1:30pm Vendor Event
Vendor Solutions Expo Monday, March 11th, 5:00pm - 7:00pm Vendor Event
Social Zombies: Rise of the Mobile Dead Kevin Johnson & Tom Eston Monday, March 11th, 7:15pm - 8:15pm SANS@Night
Knock-off Phone Forensics -Some Handsets Aren't What They Appear To Be Heather Mahalik Monday, March 11th, 7:15pm - 8:15pm SANS@Night
Please Keep Your Brain Juice Off My Enigma: a True Story Ed Skoudis & Josh Wright Monday, March 11th, 7:15pm - 8:15pm SANS@Night
Over-Zealous Social Media Investigations: Beware the Privacy Monster Ben Wright Monday, March 11th, 8:15pm - 9:15pm SANS@Night
Introduction to Windows Kernel Exploitation Stephen Sims Monday, March 11th, 8:15pm - 9:15pm SANS@Night
Tuesday, March 12
Session Speaker Time Type
How to Become a SANS Instructor Eric Conrad Tuesday, March 12th, 12:30pm - 1:15pm Lunch and Learn
Making the GRC Grade - How to Realize Continuous Compliance Wallace Sann, Director of Systems Engineering Tuesday, March 12th, 12:30pm - 1:15pm Lunch and Learn
The Evolution of Vulnerability Management Jack Daniel, Product Manager Tuesday, March 12th, 12:30pm - 1:15pm Lunch and Learn
The Windows Desktop: A Hackerâs Best Friend? It Doesnât Have To Be. Derek Melber, Microsoft MVP Tuesday, March 12th, 12:30pm - 1:15pm Lunch and Learn
APTs As a Threat Aaron Ansari, Director, Eastern US & Canada Tuesday, March 12th, 12:30pm - 1:15pm Lunch and Learn
Stop Spear-Phishing and Watering Hole Attacks Chadd Milton Tuesday, March 12th, 12:30pm - 1:15pm Lunch and Learn
Women in Technology Meet and Greet Karen Fioravanti Tuesday, March 12th, 5:30pm - 6:30pm Special Events
GIAC Program Overview Jeff Frisk, GIAC Program Director Tuesday, March 12th, 7:15pm - 8:15pm Special Events
Hacking Your Friends and Neighbors For Fun Joshua Wright Tuesday, March 12th, 7:15pm - 8:15pm SANS@Night
Panel - How Do We Secure The Human Panel Members Tuesday, March 12th, 7:15pm - 8:15pm SANS@Night
Securing the Kids Lance Spitzner and Rich Wistocki Tuesday, March 12th, 8:15pm - 9:15pm SANS@Night
InfoSec in the Financial World: War Stories and Lessons Learned Bryan Simon Tuesday, March 12th, 8:15pm - 9:15pm SANS@Night
Open Mic Night Brought to you by SANS Online Training Tuesday, March 12th, 8:30pm - 10:30pm Special Events
Wednesday, March 13
Session Speaker Time Type
SANS Technology Institute Open House Ray Davidson Wednesday, March 13th, 7:15pm - 8:15pm Special Events
Who's Watching the Watchers? Mike Poor Wednesday, March 13th, 7:15pm - 8:15pm SANS@Night
Human Nature and Information Security: Irrational and Extraneous Factors That Matter Lenny Zeltser Wednesday, March 13th, 7:15pm - 8:15pm SANS@Night
Why Our Defenses Are Failing Us. One Click Is All It Takes... Bryce Galbraith Wednesday, March 13th, 8:15pm - 9:15pm SANS@Night
You Can Panic Now. Host Protection is (Mostly) Dead. Rob Lee Wednesday, March 13th, 8:15pm - 9:15pm SANS@Night
"Hall of Shame" Apps in the Apple App Store and Google Play Tom Eston Wednesday, March 13th, 8:15pm - 9:15pm SANS@Night
Thursday, March 14
Session Speaker Time Type
Tales from the Crypt: TrueCrypt Analysis Hal Pomeranz Thursday, March 14th, 7:15pm - 8:15pm SANS@Night
Finding Unknown Malware Alissa Torres Thursday, March 14th, 7:15pm - 8:15pm SANS@Night
Honeypots For Home Use James Leyte-Vidal Thursday, March 14th, 7:15pm - 8:15pm SANS@Night
Physical Repair of Mobile Devices - Practical Tips & Tricks For When Good Evidence Gets Broken Det. Cindy Murphy Thursday, March 14th, 8:15pm - 9:15pm SANS@Night
Hunting and Sniper Forensics Jason Lawrence Thursday, March 14th, 8:15pm - 9:15pm SANS@Night