Tweet
Title: (Intermediate) Tracer FIRE 9
Description:
Tracer FIRE 9 (Forensic Incident Response Exercise) is a team-oriented, CTF-style exercise in which participants develop forensic incident response skills through a virtual simulated environment. It aims to provide a target rich setting for practicing forensic techniques, and utilizes malware from real-world APT campaigns to bridge the gap between reality, and a synthetic task context. At the end of the exercise, participants will have had the chance to interact with various forensic tools and files widely encountered in actual Blue Team operations, and will additionally be exposed to invaluable reflection on potential attack matrices used in exploitation.
Tracer FIRE (Forensic Incident Response Exercise) is a combined simulation and live exercise program developed by Sandia National Laboratories to help cyber security incident responders, analysts, and operators become proficient in critical skill areas. These exercises simulate various events such as attacks, emergencies, and disruptions to critical infrastructure. Participants in this latest Tracer FIRE scenario are hired by the electric skateboard company, WheelByte, to investigate a series of cyber attacks resulting in exfiltration of company data, degradation of service, and damage to consumer confidence. Provided with a set of artifacts spanning raw email sessions, network packet captures, disk images, and memory images, participants conduct analysis to advance their investigation. Tools such as Security Onion and Ghidra are then used to parse said artifacts, yielding intriguing findings which may then be merged for development of an overarching view of the scenario. Through such means, participants can gain understanding of potential approaches for emerging cybersecurity issues.
Speaker(s): Andrew Chu
Location: Blue Team Vlg / Blue Team Vlg - Workshop Track 1
Discord: https://discord.com/channels/7082082...54317658734613
Event starts: 2020-08-08 12:00 (12:00 PM) PDT (UTC -07:00)
Event ends: 2020-08-08 13:30 (01:30 PM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-03T00:15 (UTC).
Description:
Tracer FIRE 9 (Forensic Incident Response Exercise) is a team-oriented, CTF-style exercise in which participants develop forensic incident response skills through a virtual simulated environment. It aims to provide a target rich setting for practicing forensic techniques, and utilizes malware from real-world APT campaigns to bridge the gap between reality, and a synthetic task context. At the end of the exercise, participants will have had the chance to interact with various forensic tools and files widely encountered in actual Blue Team operations, and will additionally be exposed to invaluable reflection on potential attack matrices used in exploitation.
Tracer FIRE (Forensic Incident Response Exercise) is a combined simulation and live exercise program developed by Sandia National Laboratories to help cyber security incident responders, analysts, and operators become proficient in critical skill areas. These exercises simulate various events such as attacks, emergencies, and disruptions to critical infrastructure. Participants in this latest Tracer FIRE scenario are hired by the electric skateboard company, WheelByte, to investigate a series of cyber attacks resulting in exfiltration of company data, degradation of service, and damage to consumer confidence. Provided with a set of artifacts spanning raw email sessions, network packet captures, disk images, and memory images, participants conduct analysis to advance their investigation. Tools such as Security Onion and Ghidra are then used to parse said artifacts, yielding intriguing findings which may then be merged for development of an overarching view of the scenario. Through such means, participants can gain understanding of potential approaches for emerging cybersecurity issues.
Speaker(s): Andrew Chu
Location: Blue Team Vlg / Blue Team Vlg - Workshop Track 1
Discord: https://discord.com/channels/7082082...54317658734613
Event starts: 2020-08-08 12:00 (12:00 PM) PDT (UTC -07:00)
Event ends: 2020-08-08 13:30 (01:30 PM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-03T00:15 (UTC).