BSidesAugusta 2023

Ransomware Playbook: Illuminating Artifacts for Enriched Analysis
2023-10-07, Track 2

In the relentless battle against ransomware, comprehensive analysis is crucial for effective defense and mitigation. This talk aims to empower attendees with valuable insights and techniques to uncover critical artifacts and enhance their analysis efforts against ransomware attacks. During this session, we will explore the key artifacts left behind by ransomware operations, shedding light on their significance in the analysis process. Attendees will gain a deeper understanding of ransomware techniques commonly employed by threat actors. By applying the techniques we discuss, attendees will be able to extract deeper insights from artifacts and gain a more comprehensive understanding of ransomware operations. By attending this session, security professionals will enhance their ability to analyze ransomware attacks, identify indicators of compromise, and develop effective mitigation strategies. The knowledge and techniques shared will enable attendees to illuminate the hidden artifacts within ransomware operations, leading to enriched analysis and improved incident response capabilities.

Fernando Tomlinson is a Technical Manager for Digital Forensics and Incident Response at Mandiant. Prior to that, he served in the U.S. Army where he retired as a Cyber Warrant Officer. While serving, he was the Senior Technical Advisor for forensics and malware analysis at the U.S. Army Cyber Command, responsible for the defensive actions of all U.S. Army systems. He also served as a Technical Director of a Cyber Operations Center and has led multi-level Digital Forensics and Incident Response and threat hunting teams. Additionally, he is a collegiate cybersecurity Adjunct Professor who enjoys contributing to the community.