Loading Events

« All Events

  • This event has passed.

ISSA-LA October Lunch Meeting

October 16, 2013 @ 11:30 am - 1:45 pm

Register Now

Topic: How threat actors are using your databases against you – Hacking databases to maintain access to your network

Economic Crime threat actors continue to increase their sophistication and their ability to gain and maintain access to an organization’s network for an extended period of time.  This presentation will discuss many of the tactics we have observed based on our actual network intrusion investigations over the past few years.  Attendees will learn how the threat actors gain access, use databases to conduct reconnaissance and, how they identify the crown jewels located inside the databases. In our presentation, we will identify the tools and tactics used by threat actors to exploit external web servers and leverage legitimate connections to database system to conduct their malicious activities.  By leveraging legitimate connectivity to the databases, the actors are able to bypass many of the traditional security controls on the operating system and leave very little evidence of the attack.

  • We will show you a live demonstration of how these attacks are conducted

  • How threat actors use databases to conduct network AND database reconnaissance

  • How threat actors are able to identify the crown jewels in the database very quickly

By attending this session you will be able to learn key vulnerabilities threat actors are using to gain access to your network.  You will learn effective methods to prevent, detect and contain these types of attacks.  We will identify key controls that should be in place on your databases in order to protect your crown jewels once the threat actors have accessed your databases.

Speakers: Jeff Lowell & Leigh Ulpen

Leigh Ulpen is a Manager in PwC’s Forensics Services practice with 7 years of experience in the fields of forensic investigations, regulatory response, litigation support, databases and data analysis. Mr. Ulpen has worked with banking and high technology clients globally, providing custom solutions, services and support for key initiatives. Additionally Leigh provides SQL Server forensic and database support for cybercrime investigations and incident response engagements. Recently Leigh helped with a large data breach investigation to rebuild and understand the workings of a targeted attack. Leigh holds a Bachelor of Applied Science majoring in Information Technology from the Royal Melbourne Institute of Technology in Australia.

Jeffrey Lowell is a Manager in PwC’s Forensic Services with over 8 years of experience in the fields of computer forensics, cybercrime, and electronic discovery.  At PwC, he has helped lead investigations into network intrusions, data breaches and hacking incidents involving large corporations responding to attacks in areas of financial fraud, intellectual property theft, insider threats and web site defacements. Prior to PwC, he worked at Navigant and KPMG LLP focusing on complex electronic discovery matters involving bankruptcy,  mortgage fraud, and stock back dating where he was responsible for forensic data collections, native file processing and document productions. He holds his Bachelor’s degree in Information Management and Technology from Syracuse University and is an Encase Certified Examiner (EnCE).


October 2013 Sponsor - Guidance Software

Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase® Enterprise platform is used by numerous government agencies, more than 65 percent of the Fortune 100, and more than 40 percent of the Fortune 500, to conduct digital investigations of servers, laptops, desktops and mobile devices. Built on the EnCase Enterprise platform are market-leading electronic discovery and cyber security solutions, EnCase® eDiscovery, EnCase® Cybersecurity, and EnCase® Analytics. They empower organizations to respond to litigation discovery requests, perform sensitive data discovery for compliance purposes, conduct speedy and thorough security incident response, and reveal previously hidden advanced persistent threats or malicious insider activity. For more information about Guidance Software, visit www.encase.com.

Register early online before the Monday prior to the the event, and get a $10 discount!
ISSA-LA Members & Members of other ISSA chapters, OWASP, ISC2, CSA & Students: $20
Non-Members: $30

Please follow the link to register for this event:  http://issalalunchmeeting.eventbrite.com



October 16, 2013
11:30 am - 1:45 pm
Event Category: