SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsFor one week in February of 2015, the largest personal computer manufacturer in the world had a Terrible, Horrible, No Good, Very Bad Week. Lenovo's customers discovered that the company had been selling computers with pre-installed adware based software from a company called Superfish. Security researchers discovered that Superfish was not just annoying, but opened up the customers to significant vulnerabilities. Lizard Squad, a hacker group, retaliated by hijacking the lenovo.com domain name and redirecting traffic to their own propaganda site. This case study will investigate Superfish, how it works, why it was used, how dangerous it can be, and the players who developed it. But first, this paper will explore the Lenovo domain hacks, how they work, and who was behind it.
Shaun McCullough spent 20+ years at the NSA working in cyber operations as a software engineer and technical director of Blue, Red, and Hunt teams. He is currently a staff level Cloud Security Engineer at GitHub.
Read more about Shaun McCullough