My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Professional Services Proposal - Criminal Justice Information Security Compliance Gap Assessment – Crowe LLP
sbend
>
Public
>
Public Works
>
Board of Works Documents
>
2019
>
Agreements/Contracts/Proposals
>
Professional Services Proposal - Criminal Justice Information Security Compliance Gap Assessment – Crowe LLP
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
4/4/2025 2:31:24 PM
Creation date
12/23/2019 11:32:41 AM
Metadata
Fields
Template:
Board of Public Works
Document Type
Contracts
Document Date
12/19/2019
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
26
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
Show annotations
View images
View plain text
Proposal to Provide <br />CJIS Gap Assessment City of South Bend <br />Industry Presentation and Publications <br />A sample of Crowe's presentations and contributions to the Information Security community include: <br />Blackhat - US 2017: <br />During Blackhat 2017 Piotr Marszalik and Michael Wrzesniak, at Crowe, <br />spoke about exploiting physical access gained during a penetration <br />assessment to access to quickly and automatically extract hashes and plant <br />backdoors on Windows systems. The creation of tool called "SmuggleBus" Iblackhed <br />was the outcome of their research and is used by penetration testers today. <br />Blackhat - US 2015: <br />At the prestigious Blackhat Security Conference, Cybersecurity Consultants <br />Mike McAtee and Lucas Morris unveiled "Cracklord", a new distributed �f <br />password cracking system. This tool was built as a management platform '44'?, <br />that load balances CPU/GPU resources from multiple hardware systems into <br />a single queuing system <br />DerbyCon 7: <br />Crowe continues its security community contributions at Derbycon 7, where Jim Shaver and Mitch <br />Hennigan spoke about the underlying architecture and security of Kerberos in an Active Directory <br />environment. This research led to the discovery of optional weak encryption being available to be used <br />by Kerberos. Additionally, several undocumented functions of Kerberos in Active Directory were <br />discovered. <br />DerbyCon 4: <br />At DerbyCon 4 Ryan Reynolds spoke on the topic of advanced traffic manipulation techniques such as <br />NetBIOS-NS/LLMNR, ARP -Spoofing, and IPv6 Stack precedence. These techniques are used by hackers <br />to manipulate network traffic with the goal of gathering unauthorized access to sensitive data traversing <br />the network during Internal Penetration Assessments. <br />Also at DerbyCon 4, Lucas Morris showcased "RavenHlD". <br />RavenHlD is a combination Arduino board/IOS application that ��j �r� <br />can be used to collect badge information for cloning. This method <br />is used to advance Crowe's social engineering testing for corporate client environments. <br />DEFCON 22 & DEFCON 20: <br />At Deacon 22 as well as Defcon 20; Lucas Morris and Mike McAtee rwk,� � . <br />contributed to the Windows security world with a panel on their tool <br />"Shareenum". It is a tool that can be used to enumerate Windows SMB shares, <br />fingerprint systems, as well as test password re -use. "Shareenum" is made with �- r <br />speed and scalability in mind for bulk system testing. <br />BSides DFW 2013, 2016 and 2017: <br />At BSides DFW; Ryan Reynolds, Chris Wilkinson, Brad Hannah, Mitch Hennigan and <br />John Alves have presented throughout the years on the latest tools and techniques used <br />by consultants and attackers in the Cybersecurity community. Crowe continues to speak <br />at local events on a regular basis on a variety of Information Security topics. <br />C9 2019 Crow: LLP www. Crowe. cony <br />
The URL can be used to link to this page
Your browser does not support the video tag.