Wed, Nov 15|
Cyber Threat Investigator Course - November 2023
Ai6 is hosting the Cyber Threat Investigations Course, being taught by globally leaders in cyber investigations, the National Cyber-Forensics & Training Alliance (www.NCFTA.net) and Grant Thornton LLP. 3 days certification training in cyber investigations and incident response methods.
Time & Location
Nov 15, 9:00 a.m. EST – Nov 17, 5:00 p.m. EST
About the Event
COURSE TIME 9:00 AM (EST) ** 6:00 AM (PST) ** 10:00 AM (AST)
This immersive course expands upon the skills and fundamentals taught in introductory cyber courses. The course will provide attendees with a more in-depth understanding of the online criminal ecosystem. We will focus on the existing cyber threats markets, forums and other criminality occuring there. OSINT techniques and other methods to investigate criminal activity on multiple layers of the web. Students will assume different identities and communicate with others in the ecosystem via encrypted communications, utilizing PGP and peer to peer application. The training will be mostly hands-on, with students walking through the steps, explanations of the programs and demonstrations of the browser add-ons while building a research machine. Additionally, attendees will be familiarized with open source and commercial tools and learn to leverage the tools for thier investigations.
- Find and navigate the 'dark web' forums/marketplaces using the TOR network
- Conduct online research to identify threats to your organization
- Create a target profile report through the use of various research techniques/tools
- Learn fundamentals in interacting online through NCFTA-guided hands-on exercises
- Create and maintain research accounts, employ encryption techniques in order to communicate online
- Limit your footprint while conducting research.
- Understanding VPN, VM and info bleeds while using such environments
- Make purchases using crypto currencies
- Develop intelligence reporting based on information gathered
- Interact online using various P2P chat platforms
- Focus on dark web, deep web, Malware and Ransomware
The course will also focus on incident response to compromises and will provide attendees with an understanding of ransomware and best practices/tools for first response to ransomware incidents:
- What is Ransomware?
- Types of Ransomware
- How does it work?
- Responding to an attack
- Stop the spread
- Investigative strategies
- Finding available unlock keys
**This is an advanced cyber investigation course. We strongly recommend students have previous cyber investigative training or have completed the Cryptocurrency Investigators Course hosted by Ai6.
Mr. Sean WILLIAMS
Sean Williams is a Trainer and Intelligence Analyst within Training at the National Cyber-Forensics & Training Alliance (NCFTA) located in Pittsburgh, Pennsylvania. Sean does dark web research and analysis on illicit markets, forums, actors, coordinates and develops training on a variety of topics. He received a graduate degree in Security and Intelligence Studies from the University of Pittsburgh's Graduate School of Public and International Affairs.
Ms. Kaitlin Martin
Kaitlin Martin has been an intelligence analyst on the Cyber Financial team at the National Cyber-Forensics & Training Alliance (NCFTA) since January 2020. Since then, she has conducted numerous cryptocurrency investigations for both law enforcement and private-sector partners. Kaitlin is also a Russian linguist and works on the Russian and Eastern European Crime-as-a-Service (CaaS) initiative, as well as the Business Email Compromise (BEC) initiative. Prior to joining NCFTA, Kaitlin worked for a financial intelligence firm in Washington, DC.
Ms. Stephanie M. Corvese - Manager: Risk & Forensics - Grant Thornton LLP
Stephanie started with Grant Thornton in 2017 and has been involved in performing forensic acquisitions and analysis of electronic data from a range of digital media including, computers, tablets, smartphones, and removable media such as USB keys SD cards, and other consumer electronic devices including cloud storage. She is also an active member of the cyber breach response investigations team and the OSINT investigations team.
Ms. Corvese will be presenting a case study involving the Lockbit variant. Ms. Corvese will walk through students on using open source tools when first responding to ransomware investigations. Each student will have their on virtual desktop for the practical section.
Cyber Threat Investigators
+US$36.73 service fee
Nov 14, 6:00 p.m. EST
Cyber Threat Investigations Course
+US$36.73 service fee0