Social Zombies: Rise of the Mobile Dead
- Kevin Johnson & Tom Eston
- Monday, March 11th, 7:15pm - 8:15pm
Just when you thought "bath salts" were turning innocent humans into flesh eating zombies in Florida... mobile devices have begun taking over the world like an infectious zombie virus outbreak. Tablets and mobile phones are being used by everyone today and are more powerful than ever before. The technology implemented in these devices is truly bleeding edge. From new wireless technology like NFC (Near Field Communication) to social networks being integrated directly into mobile operating systems, the times are rapidly changing. These new technology advancements also introduce privacy and physical security concerns not seen before. In addition, with new technology comes new responsibilities and challenges for security professionals and consumers alike, especially in a world of BYOD.
In this presentation Kevin and Tom explore and exploit the new technology being implemented by these mobile platforms. They have discovered interesting security and privacy issues with Android Jelly Bean, Apple iOS 6, OS X Mountain Lion, NFC, and many popular mobile applications. New tools and exploits will be discussed that can be used by penetration testers to exploit these new technologies. Kevin and Tom will also discuss strategies to combat the ensuing mobile device onslaught. This information alone will help you to survive the Rise of the Mobile Dead.
About Tom Eston:
Tom Eston is the manager of the Profiling and Penetration Team at SecureState. Tom leads a team of highly skilled penetration testers that provide attack and penetration testing services for SecureState's clients. Tom focuses much of his research on new technologies such as social media and mobile applications. He is the founder of SocialMediaSecurity.com which is an open source community dedicated to exposing the insecurities of social media. Tom is a security blogger, SANS Mentor, co-host of the Social Media Security podcast, and is a frequent speaker at security user groups and worldwide conferences including Black Hat, DEFCON, DerbyCon, Notacon, SANS, OWASP AppSec, and ShmooCon.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into four categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
|General Session - Welcome to SANS||Dr. Eric Cole||Sunday, March 10th, 8:15am - 8:45am||Special Events|
|There's a reason they're called persistent.||H. Michael Nichols, Technical Product Manager||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Dream Big||Suliman Al-Mazroua||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Fortinet Next Generation Firewalls||Infogressive Founder & CEO Justin Kallhoff||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|The Good, the Bad and the Broken||Bill Olson, CISSP - Subject Matter Expert for VM||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Splunk Lunch & Learn||—||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Rapid7 Lunch & Learn||Paul Chu||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|APT: It is Not Time to Pray, It is Time to Act||Dr. Eric Cole||Sunday, March 10th, 7:15pm - 9:15pm||Keynote|
|Project Management Approach to Yearly PCI Compliance Validation||Michael Hoehl||Sunday, March 10th, 7:15pm - 7:55pm||Special Events|
|Phish Stories: Technical Intervention when Humans Fail||Rich Graves||Sunday, March 10th, 8:00pm - 8:40pm||Special Events|
|Small Business: The New Target -- What Can They Do?||Robert L Comella||Sunday, March 10th, 8:45pm - 9:30pm||Special Events|
|Vendor Solutions Expo||—||Monday, March 11th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Monday, March 11th, 5:00pm - 7:00pm||Vendor Event|
|Social Zombies: Rise of the Mobile Dead||Kevin Johnson & Tom Eston||Monday, March 11th, 7:15pm - 8:15pm||SANS@Night|
|Knock-off Phone Forensics -Some Handsets Aren't What They Appear To Be||Heather Mahalik||Monday, March 11th, 7:15pm - 8:15pm||SANS@Night|
|Please Keep Your Brain Juice Off My Enigma: a True Story||Ed Skoudis & Josh Wright||Monday, March 11th, 7:15pm - 8:15pm||SANS@Night|
|Over-Zealous Social Media Investigations: Beware the Privacy Monster||Ben Wright||Monday, March 11th, 8:15pm - 9:15pm||SANS@Night|
|Introduction to Windows Kernel Exploitation||Stephen Sims||Monday, March 11th, 8:15pm - 9:15pm||SANS@Night|
|How to Become a SANS Instructor||Eric Conrad||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|Making the GRC Grade - How to Realize Continuous Compliance||Wallace Sann, Director of Systems Engineering||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|The Evolution of Vulnerability Management||Jack Daniel, Product Manager||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|The Windows Desktop: A Hackers Best Friend? It Doesnt Have To Be.||Derek Melber, Microsoft MVP||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|APTs As a Threat||Aaron Ansari, Director, Eastern US & Canada||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|Stop Spear-Phishing and Watering Hole Attacks||Chadd Milton||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|Women in Technology Meet and Greet||Karen Fioravanti||Tuesday, March 12th, 5:30pm - 6:30pm||Special Events|
|GIAC Program Overview||Jeff Frisk, GIAC Program Director||Tuesday, March 12th, 7:15pm - 8:15pm||Special Events|
|Hacking Your Friends and Neighbors For Fun||Joshua Wright||Tuesday, March 12th, 7:15pm - 8:15pm||SANS@Night|
|Panel - How Do We Secure The Human||Panel Members||Tuesday, March 12th, 7:15pm - 8:15pm||SANS@Night|
|Securing the Kids||Lance Spitzner and Rich Wistocki||Tuesday, March 12th, 8:15pm - 9:15pm||SANS@Night|
|InfoSec in the Financial World: War Stories and Lessons Learned||Bryan Simon||Tuesday, March 12th, 8:15pm - 9:15pm||SANS@Night|
|Open Mic Night||Brought to you by SANS Online Training||Tuesday, March 12th, 8:30pm - 10:30pm||Special Events|
|SANS Technology Institute Open House||Ray Davidson||Wednesday, March 13th, 7:15pm - 8:15pm||Special Events|
|Who's Watching the Watchers?||Mike Poor||Wednesday, March 13th, 7:15pm - 8:15pm||SANS@Night|
|Human Nature and Information Security: Irrational and Extraneous Factors That Matter||Lenny Zeltser||Wednesday, March 13th, 7:15pm - 8:15pm||SANS@Night|
|Why Our Defenses Are Failing Us. One Click Is All It Takes...||Bryce Galbraith||Wednesday, March 13th, 8:15pm - 9:15pm||SANS@Night|
|You Can Panic Now. Host Protection is (Mostly) Dead.||Rob Lee||Wednesday, March 13th, 8:15pm - 9:15pm||SANS@Night|
|"Hall of Shame" Apps in the Apple App Store and Google Play||Tom Eston||Wednesday, March 13th, 8:15pm - 9:15pm||SANS@Night|
|Tales from the Crypt: TrueCrypt Analysis||Hal Pomeranz||Thursday, March 14th, 7:15pm - 8:15pm||SANS@Night|
|Finding Unknown Malware||Alissa Torres||Thursday, March 14th, 7:15pm - 8:15pm||SANS@Night|
|Honeypots For Home Use||James Leyte-Vidal||Thursday, March 14th, 7:15pm - 8:15pm||SANS@Night|
|Physical Repair of Mobile Devices - Practical Tips & Tricks For When Good Evidence Gets Broken||Det. Cindy Murphy||Thursday, March 14th, 8:15pm - 9:15pm||SANS@Night|
|Hunting and Sniper Forensics||Jason Lawrence||Thursday, March 14th, 8:15pm - 9:15pm||SANS@Night|