BSidesLA is just a few weeks away, and if you live in or happen to be visiting the Southern California area on August 22nd and 23rd, this is an event you won’t want to miss.
The goal of BSidesLA is to provide a venue for the local SoCal security community to engage with some of the top infosec professionals from around the world in an open, interactive, and community oriented environment.
One of the featured speakers this year is Christopher Elisan (@Tophs), Certified Ethical Hacker, Certified Scrum Master, MCSE, MCSA, MCP and the author of Malware, Rootkits and Botnets: A Beginner’s Guide.
Elisan is a seasoned reverse engineer and malware researcher who is currently the Prinicipal Malware Scientist at RSA, and formerly one of the pioneers of Trend Micro’s TrendLabs.
After his stint Trend, Elisan led and established F-Secure’s Asia R&D where he spearheaded multiple security research projects before then joining Damballa, where he specialized in malware research, analysis and reverse engineering.
Elisan frequently speaks at various security conferences across the US and Canada and provides expert opinion about malware, botnets and advance persistent threats for leading industry and mainstream publications, and BSidesLA is lucky to have him as a presenter this year.
Elisan’s talk examines the issue of why every year we get bombarded with alarming stats on how malware variants have increased dramatically, but yet there is never any clear explanation as to why this is happening.
So what is enabling the bad guys to produce new malware on such a massive scale – and not just any malware, but what seems to be an army of advanced and armored malware?
Elisan’s talk sets out to demystify the malware production process, and provide a glimpse at how attackers have streamlined malware production.
“In this talk, I will take the audience on an over-the-shoulder look at how attackers automate malware production,” Elisan said.
“The discussion will focus on the tools and methodologies the attackers use to produce thousands of malware variants on a daily basis, and will conclude with a live demonstration of how malware is produced in an automated fashion.”
Elisan’s goal is to shed some light on the truth about the staggering amount of malware that is being produced on a regular basis. “It is not only good to be mindful of the stats but we also need to understand what’s the story behind the stats. The real story,” Elisan said.
“This information is not only important for security professionals, but also for the public as well,” Elisan continued. “Understanding the truth behind the numbers will put everything into perspective and will help us, the security professionals, mitigate this onslaught of malware and also educate the masses so they can make educated decisions on what solutions they need.”
Elisan intends for the audience to gain a better understanding of the factors behind the seemingly staggering amount of malware we see reported on a periodic basis by vendors and researchers.
“The audience will also understand the tools and methods the attackers use, and this increased awareness will hopefully give them a much clearer picture of that portion of the overall threat landscape,” Elisan said.
Elisan says that as more attacker tools are created and the skills are commercialized, malware automation will be even more common and development will no longer be limited to only the hardcore attackers with advanced skills, it will also be coming from script kiddies because most of these tools are available online if you know how to look for them.
“We won’t see the volume of being produced malware tapering off anytime soon,” Elisan said.
You can go here for more information on BSidesLA, and the event will include:
- Thursday and Friday during the day there will be a selection of semi-scheduled talks at Dockweiler Youth Center.
- Registration opens at 8:30 AM Thursday and Friday
- Talks start at 9:30 AM on both Thursday and Friday
- Lunch will be provided and will be at 12:00
- Thursday Night After Party on the Beach! Food, firetalks, ocean, and the stars.
- Fireside Talks – Come sit by a fire on the beach and talk after the talks are over. We’ll be having free-form group conversations driven by community-driven questions on relevant topics in the world of security and tech.
- 3D Printing – 3D printing has become a hot topic over the past couple years in the hacker community. Learn about how 3D printers work, play with them, and check out software and hardware that runs them.
The organizers still need sponsors, wranglers, handlers, nuts, looneys, the sane, and those of you that are somewhere in-between, so be sure to invite your friends by posting this on Twitter: “#BSidesLA August 22&23,2013: Discover the next big thing!”
Related: BSidesLV 2013 Featured Sessions
- BSidesLV Preview: The Object Monitor for Enhanced Network Security (OMENS)
- BSidesLV Preview: Fun with WebSockets Using Socket Puppet
- BSidesLV Preview: Open Source Pentesting and Forensic Distribution
- BSidesLV Preview: Vulnerabilities in Application Whitelisting
- BSidesLV Preview: Effective Communication in IT Security
- BSidesLV Preview: Baking Assurance into Software
- SidesLV Preview: Wireless Pen Testing and Assessments
- BSidesLV Preview: Using Machine Learning for Security Analytics
- BSidesLV Preview: Wireless Pen Testing and Assessments
- BSidesLV Preview: No Magic Bullets
P.S. Have you met John Powers, supernatural CISO?
Title image courtesy of ShutterStock