$400 Amazon Gift Card with OnDemand Training thru March 10 - Register Today!

Frankfurt December 2019

Frankfurt, Germany | Mon, Dec 9 - Sat, Dec 14, 2019
This event is over,
but there are more training opportunities.
 

Lazarus APT vs Banking Sector: Combining CTI & DFIR to Investigate APT Intrusions

  • Jess Garcia
  • Tuesday, December 10th, 7:00pm - 8:00pm

The Lazarus APT Group, tied to the North Korean government, has been heavily targeting the banking sector worldwide during the last few years. Near 100 million dollars were stolen from the Bank of Bangladesh, which very close became 1 billion dollars, and several others followed. A little later, the whole Polish and Mexican banking sectors were targeted, only to be discovered 4 months later. Extensive Cyber Threat Intelligence was published in Open and Closed Sources about these incidents, allowing Incident Responders in the affected organizations to properly address the Threat, illustrating the key role that CTI plays in DFIR today. In this talk Jess Garcia, who was fighting some of these incidents in the trenches with his team at One eSecurity, will show you how to combine Cyber Threat Intelligence, Forensics and Malware Analysis to carry out an effective Incident Response in the context of an APT Incident.

Location: Ballsaal 1

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Tuesday, December 10
Session Speaker Time Type
Higher Value Pentesting and Minimum Viable Methodologies Chris Dale Tuesday, December 10th, 6:00pm - 7:00pm SANS@Night
Lazarus APT vs Banking Sector: Combining CTI & DFIR to Investigate APT Intrusions Jess Garcia Tuesday, December 10th, 7:00pm - 8:00pm SANS@Night
5 Years of Applied CTI Discipline: Where Should Organisations Put Focus On? Andreas Sfakianakis Tuesday, December 10th, 8:00pm - 8:30pm SANS@Night
Wednesday, December 11
Session Speaker Time Type
SANS Frankfurt Social Night Wednesday, December 11th, 6:00pm - 8:00pm Special Events
Friday, December 13
Session Speaker Time Type
SANS Frankfurt Xmas Jumper Day Friday, December 13th, 9:00am - 5:00pm Special Events
This event is over,
but there are more training opportunities.
 
Share

#SANSFrankfurt

Latest Whitepapers

A Forensic Analysis of the Encrypting File System
By Ramprasad Ramshankar

Unpacking the Hype: What You Can (and Can't) Do to Prevent/Detect Software Supply Chain Attacks
By Jake Williams

Host Based Intrusion Detection: An Overview of Tripwire and Intruder Alert
By Allison Hrivnak

Last 25 Papers »

Latest Tweets @SANSInstitute

In our next #STARWebcast, featuring @snarejen & @_whatsh [...]
February 28, 2021 - 5:40 PM

Join @KennethGHartman on March 2 at 1:00 PM EST for a #TechT [...]
February 28, 2021 - 1:40 PM

Our very own @lennyzeltser was interviewed by @idgconnect on [...]
February 28, 2021 - 10:35 AM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"It was a great learning experience that helped open my eyes wider. The instructor's knowledge was fantastic."
- Manuja Wikesekera, Melbourne Cricket Club

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.

"Just amazing content and instruction, it's really a 'must do' for any info sec professional."
- Mark Austin, PHH Mortgage