Although merchants and retailers have been implementing more secure technologies within their payment environments, such as Chip and PIN and Point to Point Encryption, they continue to be targeted by cyber criminals intent on stealing payment card data. Popular tools used by hackers in these types of breaches include memory-scraping malware such as RawPOS and ModPOS. During this session, Mr. Nesbit and Mr. Dormido will provide an overview of these two malware variants, exploring the similarities and differences between them. They will also discuss forensic artifacts and analysis techniques useful in payment card breach investigations.
For additional Kroll presentations from the 2018 DFIR Summit & Training, please take a look here!
The annual SANS Digital Forensics & Incident Response (DFIR) Summit is the most comprehensive DFIR event of the year, bringing together an influential group of experts, immersion-style training, and industry networking opportunities in one place. Over the course of this eight-day training event, you'll enjoy:
Join Brandon Nesbit & Ron Dormido for a session on the "Case Study: ModPOS vs. RawPOS – A Nerd's-Eye View of Two Malware Frameworks" on Thursday, June 7, 2018 at 3:35 pm.