Hackers  Are Ready.  Are You?
 
September 20 - 25, 2009 Miami, Florida
   
Rohyt Belani | Intrepidus Group

CEO
Intrepidus Group

Rohyt Belani is a Managing Partner and co-founder of the Intrepidus Group. Prior to founding the Intrepidus Group, Rohyt started and ran Mandiant’s New York City operations. During the last 7 years, he has worked at premier information security organizations like Foundstone and the US-CERT.

Rohyt is a regular speaker at various industry conferences, including Black Hat, OWASP, Hack-In-The-Box, InfoSec World, and several forums catering to the FBI and US Secret Service agents. He currently teaches a class at Carnegie Mellon University, and has been invited to guest lecture at the University of Wisconsin on the topic of information security.

He is a contributing author for Osborne's Hack Notes – Network Security, as well as Addison Wesley's Extrusion Detection: Security Monitoring for Internal Intrusions. As an industry expert he has opined on security issues via columns for online publications like SecurityFocus and SC magazine, and radio interviews with BBC.

Rohyt holds an undergraduate degree in Computer Engineering from Bombay University and a Masters in Information Networking from Carnegie Mellon University. He currently leads the OWASP Java Project a world-wide consortium of Java security experts. He has achieved the Certified Information Systems Security Professional (CISSP) certification.
 
Topic:
 
Spear Phishing: A Report from the Trenches

This presentation will discuss the evolution of phishing from being a means of stealing user identities to becoming a mainstay of organized crime. Today, phishing is a key component in a "hackers" repertoire. It has been used to hijack online brokerage accounts to aid pump n' dump stock scams, and as a means of creating covert channels from compromised user machines to the Internet. During this talk, I will present the techniques used by attackers to execute spear phishing attacks, and real-world cases that I have responded to that will provide perspective on the impact. I will then discuss countermeasures that have been proven to be effective and are recommended by reputed bodies like SANS and Carnegie Mellon University.