
OWASP Dublin Chapter Meetup - Threats, Tracking and Tools

Hosted By
Antonio S. and Denise M.

Details

OWASP Dublin is happy to announce our next meetup hosted by Workday.

This meetup promises to cover some interesting topics: how to detect, respond to and mitigate active cyber attacks in warzones, and the power of automated malware analysis. Further details can be found below.

There will be refreshments available on the night.

Speaker One: Gavin O'Gorman - Microsoft's Threat Intelligence Center (MSTIC) & The war in Ukraine

Gavin is a principal intelligence analyst in the Signals team, a part of Microsoft's Threat Intelligence Center (MSTIC). His current role is to work with intelligence analysts in MSTIC, and engineers on the Signals team, to help build systems and automation that enable analysts to track more malicious actors, faster. Prior to working in Microsoft, Gavin spent 13 years in Symantec, working as a reverse engineer, incident handler, intelligence analyst and manager of the Attack Investigations Team. He has tracked and authored reports on actors operating across the world, including both government and corporate espionage, and e-crime. Gavin also lectures the Advanced Malware course in UCD's MSc in Forensic Computing and Cybercrime.

Topic: MSTIC & The war in Ukraine

Prior to and during the war in Ukraine, MSTIC tracked multiple Russian actors engaging in offensive cyber operations against Ukraine. MSTIC has attributed these actors back to Russian entities such as the SVR, GRU and FSB.
In this talk, we'll review the types of attacks that MSTIC identified being performed against Ukraine. How does one identify the right person to prevent a cyber attack against an organisation physically located in an active warzone? We'll show how Microsoft worked with Ukrainian individuals and organisations to help mitigate attacks, including techniques that Microsoft would apply for the first time.

Speaker Two: Oliver Ciappara - Automating Malware Analysis

Oliver is a Senior Malware Analysis Developer at Microsoft's Threat Intelligence Center (MSTIC). Oliver's primary focus is to automate and streamline file analysis within Microsoft.

The tools that Oliver is putting in place enable rapid analysis and triage of malware. This rapid analysis allows threat intelligence teams to track actor activity by extracting relevant indicators and context, as well as help protect Microsoft's customers.

Before joining Microsoft, Oliver developed software for embedded systems as well as cybersecurity products. Having recently completed a Master's in Law from UCC, specialising in Cybercrime and E-Law, he has a unique combination of technical and legal expertise.

Topic: Automating Malware Analysis

Discover the power of Automated Malware Analysis with Assemblyline. Developed by the Canadian Centre for Cyber Security, Assemblyline is a cutting-edge open-source solution for automating malware analysis. With its modular and scalable architecture, Assemblyline efficiently processes and aggregates information from various analysers, while also centralizing analysis tools used by different teams. Automated malware analysis lowers the bar and enables TIs to continue their work as quickly as possible, while also freeing up REs to do the more important work. Join us and get a first-hand look at Assemblyline and its capabilities.

Thank you to our speakers for the evening and also to Workday for hosting us. Without the support of the community we would not be able to run these meetups.
