Windows OPSEC, where are the attackers hiding, presented at t2 2016

by Jarno Niemelä

Summary: Anyone who has been doing forensics knows that either attackers are easy to find, or you end up spending numerous hours on the task and still come up dry.
There are various tricks that can speed up forensics, but there are also anti-forensics tactics attackers can employ, and they can use those same tricks to make their creations look trustworthy. This presentation is an overview of the most common and not so common methods that attackers use to hide, and what you can do to counter those methods.
Jarno Niemelä has spent the past 16 years at F-Secure security lab working on analyzing and identifying malware and malicious behavior and planning automatic malware handling systems. His current duties focus on planning new cyber-defense systems for F-Secure corporate products. Keen on data science and on analyzing attack and malware behavioral patterns, he also teaches corporate cyber defense security at Metropolia University of Applied Sciences. He is also a regular speaker at various cybersecurity events.