addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgooglegroupsimageimagesinstagramlinklocation-pinm-swarmSearchmailmessagesminusmoremuplabelShape 3 + Rectangle 1outlookpersonJoin Group on CardStartprice-ribbonImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruseryahoo

OWASP Monthly June 2012 with Liam O Murchu on Flame Malware

Topic: Flame Malware

The discovery of the Flame malware that targets Middle Eastern countries, predominantly Iran, has brought politically motivated threats into the spot light again.

In this talk I will discuss the Flame malware and contrast it with other politically motivated threats we have seen.

I will discuss how Flame was discovered, what it is capable of and give updates on the latest analysis. In addition I will talk about the increasing use of cyber espionage and what that may mean for software developers.

Flame is peculiar in that it was written with a combination of C++, Lua and sqlite. I will show how the threat uses these technologies and how that differs from the malware we see every day.

Speaker: Liam O Murchu

Liam O Murchu is a manager of Security Response at Symantec. He has appeared on CBS 60 Minutes about Stuxnet virus. He has also presented about Stuxnet at Los Angeles chapters of OWASP and ISSA.

Join or login to comment.

  • Patricia C.

    Very interesting! - Liam is very knowledgeable. I look forward to reviewing his slides and to attending the next OWASP meetup.

    June 28, 2012

  • Matti S

    Great meeting! Highly recommend. Thanks to Liam, Symantec and HP!

    June 28, 2012

  • Sylvia A B.

    This presentation was extremely well done. The speaker did a very good job of explaining what Flame would and would not do and who it was targeted at. I left there knowing what Flame was capable of and how much work went into its development; and that is very valuable information.

    June 28, 2012

  • Lisa G.

    Excellent presentation- thank you Liam! What a great friendly bunch of people in LA OWASP- thanks to OWASP for putting this event together! :)

    June 28, 2012

  • Jordan S.

    Great detail on a very interesting Malware platform.

    June 28, 2012

  • Vinita M.

    One of the better presentations I had so far....

    June 28, 2012

  • A former member
    A former member

    Great topic

    June 28, 2012

  • Josh

    Thanks again for putting this on! Here was the talk I was mentioning from an ex-NSA red team member discussing the theoretical financials and operations of an effective cyber army. (Totally forgot it was Charlie Miller. I should have remembered that - he only won the Safari Pwn2Own like every year in a row).

    Pretty spooky stuff in light/hindsight of what Liam shared today.

    1 · June 27, 2012

  • Richard G.

    After the meeting, join us at BJs in the Westfield mall for networking and liquid refreshments!

    1 · June 6, 2012

Our Sponsors

  • OWASP - LA


  • Riot Games

    Our goal is to become the most player-focused company in the world.

  • AsTech

    AsTech helps customers become application security heroes.

  • incapsula


  • Verizon

    Verizon DEFEND - Comprehensive cloud-based WAF and DDoS protection

  • Bugcrowd

    An innovator in crowdsourced security testing for the enterprise.

  • Absolute Software

    Industry standard in endpoint and management solutions

  • Prevoty

  • Whitehat Security

    End-to-end solutions for Web security.

  • GreenSQL

    Database Security and Compliance for EVERY organisation.


    Authentic8 puts you back in control.

  • Guidance Software

    Recognized worldwide as the industry leader in endpoint investigation

  • Check Point

    The worldwide leader in securing the Internet

  • WinMagic

    Makes it easy to secure data!

  • ioActive

    IOActive security consultancy with global presence and deep expertise

  • Contrast Security

    Secure Apps at their Source.

  • Akana


  • Qualys

    QualysGuard Web Application Scanning (WAS)

  • Click below:

  • Cigital, Inc

    The world’s largest consulting firm specializing in software security

  • Trend Micro

    A global leader in security software

  • Checkmarx

    Ensures your application remains hacker-proof.

  • SecureAuth

    SecureAuth is a technology leader in enterprise identity governance.

  • Symantec Corporation

    Provide security, storage and systems management solutions

  • BeyondTrust

    The global leader in privileged identity and threat management solutions

  • Security Innovation

    The Application Security Company

  • Palo Alto Networks

    Their Next-Generation Firewall enables applications

  • Arxan Technologies

    Sharing thought leadership & best practices on mobile apps security

  • Bay Dynamics

    IT Analytics

  • Venafi

    Inventor and market leader: Enterprise Key & Certificate Management

  • Trustwave

    Simple solutions to your complex security and compliance challenges

  • Phone Factor

    Multi-factor authentication to protect against today's threats

  • Gemalto

    Gemalto (formerly SafeNet)

  • PhishMe


People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy