Title :

Cooking an APT in the paranoid way


"I will explain the making of and the results of an experiment I've done in Summer 2014, planning and executing an APT (Advanced Persistent
Threat) to several Spanish Ministries. One important point with thiswork, was to have a paranoid mind to be able to not leave ****** (or...
the less, the better) hidding the source, converting cash to bitcoins,buying several services to be anonymous. The point of entry was
LinkedIN, with a false identity, to be able to fingerprint user-agentsand components versions as Java, Flash, Silverlight, etc,... used by my
"potential victims" and a lot of social engineering to be made"
Speaker Bio

Lorenzo MartÝnez
has a High Computer's Engineer grade from University of Deusto (1996-2001). Specialized in info security, Lorenzo has security certifications like CISSP from ISC2 and CISA from ISACA.Lorenzo also has several security solutions certifications from vendors like Juniper, Nokia, NetASQ, Allot, Trustwave, DenyAll, Swivel Secure, Cyberoam, etc,...He has 14 years of laboral experience working for consulting companies in the spanish security market and for international vendors related to web security and strong authentication solutions.
Currently, he leads his own company: SecurÝzame (www.securizame.com), focused and specialized in systems and networks security. Its projects are subject of security consultancy, audits, advice, training,information security and forensics.Lorenzo is co-founder and editor of one of spanish security reference blogs, Security By Default (www.securitybydefault.com) He has participated in several international well-known security conferences like RootedCON in Spain (2012), RootedCON Satelite (2014), ACK Security Conference in Colombia (2012), I International Seminar Information Security and Forensics in Ecuador (2012), EHConference in Bolivia (2012), Ekoparty in Buenos Aires (2012 and 2014), ConectaCon in Spain (2013), 8.8 in Chile (2013-2014), NoConName in Spain (2014), BSides Chile (2014), Navaja Negra in Spain (2013 and 2014), among others... All of them can be checked in http://www.securizame.com/en/congresos-de-seguridad/

Registration Link: