Overview
Explore advanced network forensics and threat detection techniques through real-world corporate security investigations in this DEF CON 33 conference talk. Learn how to leverage corporate network tools to identify and investigate various threat actors, from individual fraud cases to sophisticated nation-state operations. Discover the process of uncovering timecard fraud through network log analysis, including the detection of an automated fingerprint device hidden in a corporate facility used by contractors working in denied areas. Examine IoT security analysis methods through chip-off extraction techniques demonstrated on Chinese voting machine prototypes, including the use of 4G connectivity, Bluetooth, and WiFi for forensic analysis. Master the identification and mitigation of North Korean IT worker fraud within corporate networks by detecting piKVM switches, analyzing suspicious device connections, and recognizing patterns such as multiple user devices connecting to single workstations and timecard updates occurring in foreign time zones. Understand how to correlate digital forensics evidence across multiple companies to track fraudulent workers, including the use of VPN detection, Windows event code searches in Splunk, and geographic location spoofing identification techniques.
Syllabus
DEF CON 33 - The Things know What You Did Last Session - Will Baggett
Taught by
DEFCONConference