From the 30th of September to the 2nd of October 2019, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in San Antonio, TX, USA. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments.
Below is an overview of the subjects and speakers that will be featured at Techno Security. The conference has four tracks: audit / risk management; forensics; information security; and investigations, along with sponsor demos. Forensic Focus will be concentrating on the digital forensics track throughout the event.
Monday September 30th
The program will begin at midday, with Eugene Filipowicz from Kroll giving a forensicator’s guide to fakes, frauds and forgeries. Alongside the rise in ‘fake news’ sites has been a rise in digital forgery of documents as well. Filipowicz will show how to use digital forensic tools to uncover fraudulent documents.
Alongside this, Rob Attoe from Spyder Forensics will be talking about drone forensic analysis and demonstrating the kinds of evidence investigators can expect to encounter in cases involving drones. Meanwhile in the Audit / Risk Management track, Harvey Nusz and Tony Belilovskiy will be hosting an interactive discussion about the US privacy landscape and how it has been affected by the California privacy act.
At 1.15pm, Jamie Clarke will be talking about darknet markets and how much illegal content is easily available there. Particularly focusing on fake IDs and their links to international terrorism, Clarke will highlight the importance of remaining on top of darknet activity in law enforcement investigations.
Trey Amick from Magnet Forensics will be showing attendees how the latest updates to macOS impacts on digital forensic investigations. He will also look at APFS artifacts and files including KnowledgeC.db, FSEvents, Volume Mount Points, Quarantined Files, and bash history.
At 2.45pm, Vico Marziale from BlackBag will go through the Windows 10 Timeline and talk about its use and application in forensic investigations. Meanwhile Trent Livingston from ESI Analyst will discuss the importance of linking as much data as possible together during digital forensic investigations, which can help to uncover key dates, locations and activities within a case.
The final sessions of the day will include a presentation on chip-off mobile forensics by Dusan Kozusnik, CEO of Compelson; a discussion of US data protection law as it currently stands, and what changes we can anticipate in the future; a look at cyber security threat and forensic intelligence; and a session from Elena Steinke from the Women’s Society of Cyberjutsu, who will be talking about the importance of private and public sectors working together by launching counter-intelligence-like operations in cyberspace.
Tuesday October 1st
The second day of the conference will begin at 8am with a keynote by Roman Yampolskiy from the University of Louisville. Yampolskiy will be discussing how artificial intelligence will impact on the future of cybersecurity, with a particular focus on the rise of AI-enabled cyberattacks and fake forensic evidence.
Following the keynote, at 9.30 speakers from Protiviti will be tackling the thorny issue of how to prove a negative in cybersecurity investigations. Chet Hosmer from Python Forensics will show us how to investigate fake digital photos; and Tarah Melton from Magnet Forensics will do a deep dive into Windows memory analysis.
Taking your forensic analysis to the courtroom and presenting it in a way that makes sense to non-technical members of the public is a challenge at best, and at 10.45 Jeff Shackelford from Passmark Software will talk attendees through how to create a virtual machine from a forensic image to be presented in court.
Jason Roslewich will discuss some unique characteristics of APFS, as well as forensic imaging methods; and over in the info security track will be the intriguingly titled ‘Hack Yourself Before The Hackers Do.’
After lunch, Magnet’s Trey Amick will take to the stage once again to show how investigators can use GrayKey and AXIOM to acquire and parse iOS data that other tools may have missed. Steven Konecny from EisnerAmper will show attendees how to investigate Ponzi schemes in the 21st century; and Charles Giglia, VP of Data Intelligence, will demonstrate the capabilities of CCleaner and discuss whether it signals the end of digital forensics as we know it.
The dark web will again be a topic of discussion on Tuesday afternoon, with Vincent Jung from Media Sonar discussing effective strategies for running darknet investigations. Lee Reiber, COO of Oxygen Forensics, will demonstrate the huge amount of data that can be gleaned from smart fitness trackers such as the Fitbit and the Apple Watch. And Nuix’s Hoke Smith will show attendees how to detect and investigate malicious PowerShell.
At 4.30pm Andy Thompson from CyberArk will be discussing ‘Really Bad SysAdmin Confessions’, talking through some of the worst mistakes we know about in the industry and how we can avoid them. Drones will be the topic of discussion over in the Forensics track, with Greg Dominguez and David Kovar showing how to select and visualise data obtained from UAVs.
In the Info Security track, Steven Chesser will talk about the GDPR and how it can improve process, culture and the bottom line.
The day will be rounded off with a talk from John Wilson on the legal implications of Blockchain technology for digital forensic investigations.
Wednesday October 2nd
The final day of the conference will begin with an early riser session at 8am, in which Stephen Arnold will talk about the latest changes to the dark web and how they will impact on investigations. Although the number of sites on the dark web has decreased, illegal activity is continuously on the rise. Arnold will show how end-to-end encryption, surface web discussion groups, pastebins, and obfuscation tools are playing an important role in illegal dark web activity, and discuss what we can do to address this challenge.
At 9.15am Will Hernandez from MSAB will show attendees how to use the latest exploits to recover data from Android devices; speakers from NTT Security will show how hackers gain unauthorised access to buildings; Michael DaGrossa will talk about the need for artificial intelligence in information security; and Tarah Melton from Magnet Forensics will demonstrate how to tell a digital story using Connections and Timeline in Magnet AXIOM. Meanwhile over in the Investigations track will be a talk about social media, digital evidence and ‘what lurks in the cloud’.
Speakers from Belkasoft will be presenting at 10.30am, looking at different approaches to mobile device acquisition. In the Forensics track will be a discussion about building a successful threat hunting program; and in Info Security we will be looking at cloud security automation.
After lunch, speakers from Ansilio will show how to reveal issues and risks that keyword searches may have missed. Barbara Hewitt from Texas State University will demonstrate how to examine threat avoidance theories; and Gregg Braunton will discuss the importance of having a ‘statement of work’ prepared. Abdul Hassan will be running his ever-popular demonstration of social media analysis in counter-terror investigations.
At 3.15pm Jerry Bui will talk about the challenges associated with running digital forensic investigations in the era of fake news, and how these can be addressed. Ronald Hedges will discuss how cybersecurity and technology can be used by attorneys over in the Info Security track; and the day will draw to a close with Stephen Arnold taking to the stage once more to provide some deeper insights into recent updates on the dark web.
There will also be networking events taking place throughout the conference, which will be advertised during the conference and in the program. Find out more and register to attend here.