Last Day to Get a MacBook Air, Surface Pro 7, or $350 Off with OnDemand - Register Now!

Frankfurt December 2019

Frankfurt, Germany | Mon, Dec 9 - Sat, Dec 14, 2019
This event is over,
but there are more training opportunities.
 

Lazarus APT vs Banking Sector: Combining CTI & DFIR to Investigate APT Intrusions

  • Jess Garcia
  • Tuesday, December 10th, 7:00pm - 8:00pm

The Lazarus APT Group, tied to the North Korean government, has been heavily targeting the banking sector worldwide during the last few years. Near 100 million dollars were stolen from the Bank of Bangladesh, which very close became 1 billion dollars, and several others followed. A little later, the whole Polish and Mexican banking sectors were targeted, only to be discovered 4 months later. Extensive Cyber Threat Intelligence was published in Open and Closed Sources about these incidents, allowing Incident Responders in the affected organizations to properly address the Threat, illustrating the key role that CTI plays in DFIR today. In this talk Jess Garcia, who was fighting some of these incidents in the trenches with his team at One eSecurity, will show you how to combine Cyber Threat Intelligence, Forensics and Malware Analysis to carry out an effective Incident Response in the context of an APT Incident.

Location: Ballsaal 1

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Tuesday, December 10
Session Speaker Time Type
Higher Value Pentesting and Minimum Viable Methodologies Chris Dale Tuesday, December 10th, 6:00pm - 7:00pm SANS@Night
Lazarus APT vs Banking Sector: Combining CTI & DFIR to Investigate APT Intrusions Jess Garcia Tuesday, December 10th, 7:00pm - 8:00pm SANS@Night
5 Years of Applied CTI Discipline: Where Should Organisations Put Focus On? Andreas Sfakianakis Tuesday, December 10th, 8:00pm - 8:30pm SANS@Night
Wednesday, December 11
Session Speaker Time Type
SANS Frankfurt Social Night Wednesday, December 11th, 6:00pm - 8:00pm Special Events
Friday, December 13
Session Speaker Time Type
SANS Frankfurt Xmas Jumper Day Friday, December 13th, 9:00am - 5:00pm Special Events
This event is over,
but there are more training opportunities.
 
Share

#SANSFrankfurt

Latest Whitepapers

Benefits and Adoption Rate of TLS 1.3
By Ben Weber

Browser Isolation: A SANS Review of Cyberinc's Isla
By Matt Bromiley

How to Protect All Surfaces and Services in the AWS Cloud
By Dave Shackleford

Last 25 Papers »

Latest Tweets @SANSInstitute

SANS and its highly esteemed faculty of expert practitioners [...]
August 5, 2020 - 4:45 PM

How can you use your free device from your #SANSOnDemand Cou [...]
August 5, 2020 - 3:40 PM

Looking for a role in #cybersecurity? Check out the Internet [...]
August 5, 2020 - 2:35 PM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.

"The perfect balance of theory and hands-on experience."
- James D. Perry II, University of Tennessee