"Anatomy of Phishing"
Phishing attacks for financial gain are wide spreading with the past several years showing a significant increase in the number of attacks and their types accompanied by considerable advancements in attack methodologies with new techniques and attack vectors being constantly released.
Join Accuvant for a lively, interactive discussion to review the latest in current phishing attack trends and the techniques attackers are using to lure corporate users to reveal sensitive information about enterprise information resources that can lead to compromise of customer data. Through this presentation attendees will learn about the latest attacks, tools, and techniques employed by today's phishers, as well as potential countermeasures that can help protect against these attacks.
Covered topics include:
· Origins, motivations and success factors behind phishing
· Damage caused by phishing
· Types of phishing attack vectors, how they work and what they look like
· Potential targets of phishing attacks
· Delivery of phishing payloads
· Phishing combined with Cross Site Scripting attacks
· Detection, mitigation methods and preventative measures against phishing
· Phishing risk assessments
Mark Maxey, CISSP
Principal Consultant – Application Specialist – Accuvant, Inc
Mark Maxey, a seasoned security assessor and application designer with over six years of experience in the field, is a security consultant with Accuvant’s assessment team. Mark’s role is to provide world class security consulting services to Accuvant clients, while also providing ongoing thought leadership to the Accuvant assessment practice.
Mark has over seven years experience in the security industry with a focus on software and application security. His diverse project experience has covered all aspects of securing enterprise environments, including policy and procedure, event monitoring, network protection, risk assessment and compliance. Mark has also performed security roadmap planning, application assessments, code reviews, network penetration tests and SDLC development for a large number of Fortune 500 clients. This experience has allowed him to develop a unique array of deep skills in both the deployment and assessment of security architectures and application environments.
As a member of Accuvant’s security assessment team as an application specialist, Mark not only has a broad range of skills regarding the assessment of enterprise environments and applications, but has also been an integral component of delivering training offerings to Accuvant clients and developers across the world. Prior to joining Accuvant, Mark owned an independent security consulting firm where he performed a wide range of security services with a focus on application security. Mark has created and performed training sessions in regards to regulatory compliance issues, network and application security to a wide range of technical as well as non-technical audiences.
Mark is involved in several open source projects including development of the Interchange e-commerce platform. Mark is an OWASP and WASC project contributor. Mark has also made numerous presentations at security conferences such as ISSA with a focus on application security and emerging security threats.
Mark is a Certified Information Systems Security Professional (CISSP), Microsoft Certified System Administrator, (MCSE), VISA Qualified Data Security Professional (QDSP), and VISA Qualified Payment Application Security Professional (QPABP)
Dmitry Dessiatnikov, CISSP
Senior Security Consultant - Accuvant, Inc
Dmitry Dessiatnikov, a seasoned security assessor with over five years of experience in the field is a security consultant with Accuvant's assessment team. Dmitry's role is to provide world class security consulting services to Accuvant clients while also providing ongoing thought leadership to the Accuvant assessment practice.
Mr. Dessiatnikov has served clients in a variety of industries including financial services, electric power and gas utility, credit reporting, health care, pharmaceutical, insurance, e-Commerce and entertainment. He has performed numerous enterprise-wide security assessments, penetration tests including web application assessments, architecture, war dialing, social engineering, host based configuration, physical and wireless security reviews. He audited and made recommendations for improvements in the IT security posture of Fortune 500 companies in relation to the following regulatory requirements and attestations: SOX, HIPAA, FERC, NERC, GLBA, SAS 70 and S&P Credit Ratings.
Before joining Accuvant, Dmitry was a Senior Security Consultant in the Security and Technology Solutions practice at Ernst and Young, LLP and fulfilled a role of leading penetration testing specialist in the West Coast region. He performed multiple information security assessments that included reviewing documented corporate IT security policies and procedures, conducting interviews with management and technical personnel, testing security settings on the internally and externally facing systems as well as network devices.
Mr. Dessiatnikov is a Certified Information Systems Security Professional (CISSP), the most comprehensive security certification available. He published a white paper on securing SQL connection strings that has been referenced by a number of online sources including obviex.com, thruthewire.net, dyessconsulting.com and cissecurity.net. Dmitry identified risks, tested security settings and made recommendations for improvement for multiple 802.11 wireless implementations. He reviewed security surrounding content management process for digital resources as it was implemented by an on-demand movie service and presented on the strengths and weaknesses of Digital Right Management implementations by both Microsoft and Real Networks.
Dmitry has performed data forensics analysis for an International Pharmaceutical client by gathering and correlating evidence of the security breach and with the knowledge of Eastern European languages identified possible suspects of unauthorized access. Mr. Dessiatnikov has also participated in multiple implementations of the eTrust
Admin Access and Identity Management solution in the multi-platform environments of Fortune 50 companies and has developed hardening standards for Microsoft SQL and Oracle databases tailored for the environment of a Fortune 1000 utility company.
Dimitry is a Certified Information Systems Security Professional (CISSP), GIAC Certified Windows Security Administrator, GIAC Security Essentials Certification, MS in Information Systems Management from Brigham Young University, Utah
Read more »
"Phishing" Mark Maxey - Accuvant CISSP, Principal ... Senior Security Consultant 2:00 p.m. Capitol Board Room #240 ... Dmitry Dessiatnikov - Accuvant CISSP, Senior ...
Jon is a principal security consultant for Accuvant and ... Mark Maxey, CISSP and Dmitry Dessiatnikov, ... 10-11 a.m. and 2-3 p.m.; Capitol Board Room 240. Mark …
Lead411's People profiles including all business people from A to Z.
A smash-hit performer who has audiences roaring with laughter, Bill Harley’s work spans the...
1. Prospective students are admitted by ticket only. 2. Event Flow: Introductions and Or...
Ticket Takers and Cookie Bakers: Take tickets at the doors of the Frank and Katrina Basile Theate...
Presenter: Mark D. Brown, partner, Florida CFO Group Find the answers to your questions about Adv...
FRIDAY AUGUST 22 BE OUR GUEST COMPLIMENTARY ENTRY ALL NIGHT BOTTLE SERVICE - TABLE RESERVATIONS...
SATURDAY MARCH 30 BE OUR GUEST COMPLIMENTARY ENTRY ALL NIGHT BOTTLE SERVICE - TABLE RESERVATION...
Cloud Computing and Cyber Security Seminar When: April 5, 2011, 7:15am Where: LifeWay Chris...
All interested MassTLC members are invited to attend the next workforce cluster advisory board me...
supperclub + christian present.... mark farina w/ m3, rooz, kevin kind, nik allen, thuy vu, and...