Security Intelligence Engineer at Verisign iDefense
Greater New York City Area
I have a master's degree in forensic computer investigation and several years' experience providing Internet security services to financial institutions. I have also put in my fair share of time doing vulnerability research (credited with bugs in Tumbleweed, Novell, Smyark, and F5 products) while working for a large health insurance company. More recently, I moved to Verisign iDefense on the malicious code operations team, where I specialize in providing in-depth analysis on capabilities, techniques, and encryption schemes. I also teach the 3-5 day Advanced Malware Analysis Training Course at iDefense.
I'm a member of ZERT and like to participate in contests/challenges. I've submitted winning entries for SANS malware analysis, Hacker Challenge 2008, and Honeynet.org Scan-Of-The-Month. The majority of my research is online on my website or blog (see links above).
At Defcon 16, I gave a presentation titled "Malware RCE: Debuggers and Decryptor Development," which showed how to build advanced decryption tools for command and control protocols, configurations, and stolen data recovery. At Defcon 17, I gave a presentation titled "Making Fun of Your Malware," which showed how the little mistakes that attackers make while programming their code can lead to big consequences.
My strongest interests include:
Reverse code engineering (specialization in x86/Win32 binaries)
Memory analysis
Malware analysis and special decryption/decoding algorithms
Developing exploits and custom shell code
Intrusion detection & prevention research
Forensics & incident response research
Planning and executing live attack scenarios in controlled environments