DFIR on Windows: What do I extract?
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Speaker: Lorenzo Martínez Rodríguez
- Topic: Digital Forensics and Incident Response (DFIR).
- Content of the workshop:
- Security incidents.
- Live response vs. post-mortem.
- Types of forensic artefacts: user, system and file system.
- Triage with Wintriage!
- Artifact analysis in Windows: Registry, Trash, Navigation and MFT.
Proactive cybersecurity for Blueteams, ninja techniques for new threats
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Speaker: Jose Luis Navarro Adam
- Topic: security advisories and vulnerability identification
- Index:
- Description of the workshop and objective to be achieved
- Deployment of the infrastructure and segmentation of perimeter zones on virtual machines
- Perimeter Firewall configuration
- Deployment and configuration of the SIEM server
- Installation and configuration of the detection and response scripts
- Wargames
- Questions
Practical research procedure in hacktivism cases
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Speakers: Iván Portillo Morales and Gonzalo Espinosa Lázaro
- Topic: cyber threat intelligence.
- Content of the workshop:
- The threat to be addressed (Hacktivism).
- Development of the case study:
- Phase 1: Direction and Planning.
- Phase 2: Procurement.
- Phase 3: Analysis and Elaboration.
- Phase 4: Dissemination
- Conclusions and summing up.
Research techniques using Open Source INTelligence techniques
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Speaker: Carlos Seisdedos
- Topic: Open Source INTelligence (OSINT).
- Content of the workshop:
- Intelligence.
- Securing the working environment.
- Website research.
- Investigation of natural persons.
- Investigation of legal persons.
- Gathering information on social networks.
- Social network analysis.
- Presentation of results.
- Final online test.
Comprehensive memory forensic malware analysis
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Speaker: Ricardo J. Rodríguez
- Topic: Digital Forensics and Incident Response (DFIR).
- Content of the workshop:
- Introduction (memory forensics, process forensics, malware, incident response).
- Preliminary concepts (structure of a process on Windows and Linux).
- Phases of malware analysis vs. phases of forensic analysis.
- Collecting information of interest through Volatility.
- Detecting indicators of compromise.
- Development of own analysis tools.
- Design of evidence analysis workflows.
Investigation of cryptocurrency-related crime
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Speaker: Carlos Cilleruelo
- Topic: cryptocurrencies and bank fraud.
- Content of the workshop:
- Context of the use of cryptocurrencies. Not everything is Bitcoin, explaining that there are multiple types, each with its own characteristics.
- What crimes are associated with cryptocurrencies? What cryptocurrencies are used in crime?
- Use of cryptocurrencies in dark markets. Operation of markets for the sale of drugs or weapons on darknets.
- Ransomware and its combination with cryptocurrencies.
- Tax evasion using cryptocurrencies. Use of ATMs to launder cryptocurrencies.
- Other types of laundering using online gambling platforms or debit cards.
- Where are cryptocurrencies stored? Introduction to forensic analysis of wallets and communication exchanges.
- Cryptocurrency analysis tools. What tools are there to analyse cryptocurrency transactions?
- Crime analysis using Graphsense (Practical part of the workshop).
- Current and future issues in the analysis of cryptocurrencies centred on anonymity.
Applied steganography - Detection in forensic scenarios. From stegomalware to polyglots.
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Speaker: Alfonso Muñoz Muñoz
- Topic: forensic analysis.
- Content of the workshop:
- Brief overview of the limitation of cryptography in system attacks and cybercrime.
- Steganography. Definition of concepts and classification of techniques.
- Steganography in multimedia content. Concealment and detection.
- Network steganography and covert channels in system breaches.
- Steganography and malware. Stegomalware and polyglots.
Forensic action. Real case of credit card theft in e-commerce
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Speaker: Yago Fernández Hansen
- Topic: Digital Forensics and Incident Response (DFIR).
- Content of the workshop:
- Presentation of the workshop. Summary of contents.
- Downloading of the forensic tool by attendees
- Introduction to the actual incident. Credit card theft on a website.
- Premises for action
- Planning
- Obtaining information on infrastructure
- Hands-on lab
- Conclusions, AOCB
Cyber research methodology for National Security
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Topic: intelligence in police investigations.
- Content of the workshop:
- Introduction to the workshop.
- Case study development.
- Steering and planning phase.
- Procurement phase.
- Preparation phase.
- Dissemination phase.
- Conclusions.
Police intelligence and the use of new technologies
VENUE
Webinar
DURATION
3h
DESCRIPTION
- Speaker: Carlos Loureiro Montero
- Topic: intelligence in police investigations
- Content of the workshop:
- What is Police Intelligence?
- Applications and areas of police intelligence.
- Police Intelligence and new technologies.
- Brief overview of use cases of Machine Learning in Police Intelligence.
- What is Knime?
- Brief introduction to the platform.
- Step-by-step use of Knime for predicting terrorist actions.
- Example of practice in use.