Weaponised PDFs
BCS (University of Bedfordshire Student Chapter), The CST School
| Date | Thursday 29 Nov 2018 | ||||||||||
| Time | 18:00 for 18:30-20:30 | ||||||||||
| Location | Room A004, University of Bedfordshire, University Square, Luton, LU1 3JU | ||||||||||
| Speaker | Geraint Williams, Chief Information Security Officer, GRC International Group | ||||||||||
| Abstract | The emotive title is a deliberate attention grabber, this talk is around the problem that we all face at work, home and study. Attackers sending malicious documents designed to infect our machines. The focus of this talk is about how the ubiquitous PDF format has been highjacked and turned into a weapon that can defeat AV and turn our machines into zombies controlled by evil nefarious masterminds hiding in cyberspace. The objective of this talk is to educate the curious amongst us as to how the PDF file can be used as a weapon, how that use can be detected and how to protect against a malicious PDF. For the penetration tester this talk will show you how important it is to understand file formats and capabilities if you want to conduct advanced testing like social engineering in a no holds barred engagement where employees are fair game. For those doing forensics it will show how reverse engineering and knowledge of file formats can help detect how an attacker got into a network as part of incident response, and how forensic investigations can be an interesting growth career, especially with GDPR requiring breech investigation. | ||||||||||
| Profile |
I am passionate about continued learning and being an evangelist for information security. My interests include electronics as well as computing and been know to turn Arduino and Raspberry Pi’s into hacking tools. | ||||||||||
| Directions | External visitors please go to the Park Street Reception and ask for A004 Full joining instructions will be available following registration. Directions, Maps, Travel and Parking Information for the Luton Campus can be located at https://www.beds.ac.uk/about-us/campuses/luton and at https://www.beds.ac.uk/contactus/directions | ||||||||||
| Agenda |
| ||||||||||
| Downloads |
I have previously taught Information Security, Ethical Hacking and Digital
forensics at the University of Bedfordshire and since then have been a
Payment Card Industry Qualified Security Assessor and consultant and
have worked with breached companies along with household names
to ensure they meet the minimum security requirement to protect
cardholder data.. I have also worked as an Ethical Hacker and Information
security consultant but now the Chief Information Security Officer for
GRC International Group.