- Need help with information security? I'll be glad to assist as a consultant through SAVVIS.
- I will be presenting on malware at SANS Institute in the upcoming months.
- I published articles on social engineering and client-side vulnerability testing.
Recent Presentations
Organizations periodically invite me to present to them on topics related to IT risk management and information security. Here are some of my recent publicly-announced presentations.
Browser Threat Landscape
This webcast, presented at SANS Institute, examines the nature of threats that target the Web browser, reviewing three major categories of browser-oriented attacks. This talk presents an overview of the Web browser threat landscape to help organizations determine what browser-related risks to address.
- This talk, presented on July 25, 2006, is available as an archived webcast for your listening pleasure.
Beyond Vulnerability Assessment: 10 Questions
This presentation explores common information security risks that organization face, and suggests 10 questions worth asking when establishing a robust IT security program. Attempting to go beyond traditional vulnerability assessment methodology, I reviewed security breaches that were publicly announced in early 2006, and addresses three types of attacks: inadvertent disclosure, attacks of opportunity, and targeted attacks.
- I presented this talk to New York Metro and New Jersey chapters of Information Systems Security Association (ISSA) in Spring 2006.
- If interested, you can take a look at my slides and speaker notes for this presentation on Adobe Acrobat PDF format.
The Securities Industry Middleware Council: Impersonation Attacks
In this presentation on impersonation attacks, I examined trends in technology and motivation behind phishing and spyware schemes. I presented several examples of impersonation attacks, demonstrating the increasing degree of complexity of software, motivation, and coordination associated with these scams. I also briefly reviewed the impact on the enterprise of such attacks, and discussed recent law enforcement actions that attempt to curb phishing-related crimes.
- The presentation took place on November 9, 2004 at the Securities Industry Middleware Council special subject meeting.
- If interested, you can take a look at my slides for this presentation on Adobe Acrobat PDF format.
California Senate Committee on Banking, Commerce, and International Trade: Phishing and Spyware Threats
A fellow Internet Storm Center handler and I were asked to present at the California Senate Committee on Banking, Commerce, and International Trade informational hearing titled Malicious Pop Up Ads and Phishing Scams: Is Your Financial Information Secure on the Internet?
Our testimony focused on explaining the dangers associated with current phishing and spyware threats, and at discussing how they are affecting consumers.
- The hearing was chaired by Senator Dean Florez.
- It took place on August 4, 2004, in State Capitol, Sacramento, California.
Copyright © 1995-2008 Lenny Zeltser. All rights reserved. RSS Feed.