[ProgSoc] Fwd: Ruxmon Sydney - Friday 19th August 2016

Leefe 3trk at progsoc.org
Thu Aug 18 21:49:09 AEST 2016


Hi Progsocers,

The latest Runmon is tomorrow night, down at Google in Pyrmont.

This month’s IT security talk is on Digital Forensics, and how to deal with people trying to cover their tracks.

Go rub shoulder with some of the Sydney IT security community, they don’t bite.
(Well, only the pizza)


Leefe
http://www.progsoc.org/~3trk/

Begin forwarded message:

> From: Berne <sydney at ruxmon.com>
> Subject: Ruxmon Sydney - Friday 19th August 2016
> Date: 17 August 2016 12:31:45 pm AEST
> 
> Ruxmon Sydney announcement
> View this email in your browser
> 
> Ruxmon Sydney
> We're happy to announce that next Friday marks the first Ruxmon Sydney meeting of the year. Ruxmon Sydney is scheduled to run on the 3rd Friday of every month.
> 
> Date: Friday 19th August
> Time: 6:00PM
> Location: Google Sydney, 5/48 Pirrama Road, Pyrmont
> http://www.ruxmon.com/sydney
> 
> Each month one to two speakers from the local security community will share their knowledge on a security topics ranging from introductory/beginner level to more advanced topics. Presentations are followed up with a catchup at the local pub.
> 
> Everyone is welcome and encouraged to attend, especially newcomers. 
> 
> To ensure that this event is successful and can continue to grow in Sydney, we are asking for volunteers to speak at meetings in the coming year. Ruxmon presentations are intended to be lightning or short talks (between 10-30 minutes). We are especially interested in pet projects you are working on. If you are interested please email ruxcon at ruxcon.org.au or talk to us at the meeting.
> 
> Presentations
> 
> Anti-anti-forensics ... How to survive (USB) oblivion - Nick Klein
> 
> One of the more interesting challenges in digital forensics is reconstructing the use of "anti-forensic" tools and techniques that users employ to cover their tracks. Such tools can perform a range of functions, such as clearing Internet history, wiping files or erasing document history. But just how effective are they? How should a forensic examiner approach them?
> 
> In this presentation, SANS Certified Instructor and experienced digital forensic examiner Nick Klein will dissect one such tool - USB Oblivion - to see exactly how well it works, and what forensic artifacts it actually leaves behind. 
> 
> Drawing upon tools and methods that Nick teaches in SANS forensic courses, he will demonstrate how to effectively identify the use of this tool, recover some of the evidence it 'wipes' and still reconstruct the user's USB activity.
> 
> Bio
> 
> Nick Klein is a recognised international expert in computer forensic analysis, technology investigations, computer systems interrogation and the presentation of expert evidence in legal and other proceedings.
> 
> ​Prior to founding Klein & Co., Nick was a senior member of the largest corporate forensic practice in Australia, leading teams on investigations and electronic discovery engagements across Australia and internationally. 
> 
> Nick was also previously a Team Leader in the High Tech Crime team of the Australian Federal Police, where he provided technical expertise to local and international police investigations and intelligence operations. 
> 
> ​He has presented expert evidence in both civil and criminal matters in Australia and overseas, including leading the computer forensic evidence for the AFP in the Bali bombing trials in Indonesia and providing expert testimony in Australia's first Commonwealth cybercrime prosecution.
> 
> ​Nick is also a Certified Instructor with the prestigious SANS Institute, one of a small group internationally and the only Certified SANS DFIR Instructor in the Asia Pacific region.
> 
> Symposium - Ruxmangers
> 
> Ruxmon will host a symposium where ruxmangers can discuss topics of interest. Some suggestions are: -
> 
> What research demoed at Black Hat, Defcon, and/or Bsides did you find the most interesting? See anything cool in the villages?
> Recently The Shadow Brokers dumped some Equation Group (NSA) warez - do you think its legit? Is EQGRP == NSA? What do you think about it?
> 
> 
> 
> 
> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://progsoc.org/pipermail/progsoc/attachments/20160818/17eb600a/attachment-0001.html>


More information about the Progsoc mailing list