BSides Roanoke 2023

The Roanoke Information Security Exchange and Noke Codes in partnership with Virginia Western Community College are happy to announce the second annual Security BSides event in the Roanoke region! So what is BSides? BSides is a community-driven event for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations about the next-big-thing are happening. Thousands of people have attended and written about their experience at BSides events.

Read more at: https://bsidesroa.org and http://www.securitybsides.org/Media

May 20, 2023
Hosted at Virginia Western Community College
3094 Colonial Ave SW
Roanoke, VA 24015

Call for Papers
Here’s your chance to be a part of BSides Roanoke – Call for Papers (CFP links to a Google Form).
We encourage all interested InfoSec professionals to submit their proposals for a talk. The conference aims to include a mix of intermediate-to-advanced technical and concept/research based discussions.

Advertisement

Jan 2023 – Hack the Box: “We’ll Do It LIVE!”

Wanting to take a step into the mind of a Penetration Tester? Or are you already a seasoned hacker, wanting to flex your muscles as part of a group experiment? Either way, we would love to have you join us at ECPI in Roanoke on Jan 12th at5:30pm for a guided group participation through one of the many excellent machines on the HackTheBox learning platform.

HackTheBox describes itself as “a massive hacking playground, and infosec community of over 1.3m platform members who learn, hack, play, exchange ideas and methodologies”, and it is a great place for learning and practicing alike. In this session, speaker Regen Peterson will be walking us through this platform step-by-step. This begins with creating an account and learning how to access and interact with the platform. Following this, we will conduct a group session in which we will use real-world methodologies to perform reconnaissance, enumerate and exploit vulnerabilities, and ultimately escalate privileges to gain administrator access to a vulnerable machine. And don’t worry if you are new to the offensive side of security, as inexperienced hackers will be allowed to offer their suggestions and ideas before the more experienced. 

We hope you will join us in this session of “HackTheBox: We’ll Do It LIVE!”, as we expect that it will be an extremely engaging meeting where group participation will be crucial to solving the puzzles presented. Unfortunately, due to the nature of the presentation, we will not be able to live-stream or record this meeting, but we hope to see you in person for an awesome group-learning session with HackTheBox.

BIO:

Regen Peterson, Offensive Security Consultant/Penetration Tester from Roanoke, Virginia. 

OSCP/PNPT/eJPT/+

Regen graduated from Patrick Henry High School, afterwards attending Virginia Western Community College for Computer Science Engineering. After spending some time in I.T., as well as different fields such as banking management, he developed a deep love and competitive spirit for hands-on ethical hacking learning platforms such as HackTheBox and TryHackMe. After several months of engagement with these platforms, Regen began acquiring various industry certifications and ultimately found a position in the field of Penetration Testing. Outside of `hacking`, Regen is an avid gamer, builds gaming PCs, performs music as a singer/songwriter, and spends time with his wife and three children.

Location:
ECPI Roanoke
5234 Airport Rd NW #200
Roanoke, VA 24012

Date and Time:
January 12th @ 5:30pm

Dec 2022 – Social Event At Big Lick Brewing

Our December RISE meeting will be a social event December 8th at Big Lick Brewery in downtown Roanoke starting at 5:30pm.   We want to take this opportunity to kick back, talk and share ideas about upcoming events and provide feedback on past events.  RISE can’t happen without you, so we look forward to hearing your thoughts and ideas as we get ready for 2023.   We have a table reserved at Big Lick starting at 5:15pm with a seat ready for you so don’t miss out. 

Note: RISE will not be providing beverages or food for this event (I mean common man, I can’t pay for everyone), but I am currently searching for a sponsor that might be able to assist so stay tuned. 

We look forward to seeing you all in person on Dec. 8th at Big Lick Brewery

Meeting Info:

December 8th, 5:30pm

Big Lick Brewery

409 Salem Ave SW,

Roanoke, VA 24016

Nov 2022 – Penetration Testing Certifications: Acronym Aerobics

Penetration Testing Certifications: The Good, the Bad and the Ugly
aka: Acronym Acrobatics

Wanting a career pivot or to level up your skill set can be intimating. The seemingly endless offensive security certifications out there today can be overwhelming.  How do you know which to choose?  Join RISE Thursday, Nov 10th with Ken Nevers at ECPI as this self proclaimed cert junky will share his honest opinions on which certs to go for and which to avoid along your journey.”

Bio:

Ken Nevers, Principle Security Consultant

Current Certifications: OSEP, OSCP, CRTO, CRTE, CRTP, PAWASP

Ken holds an Associate degree in Computer and Information Science with a major in Cyber and Network Security from ECPI University in addition to several red teaming and penetration testing certifications. In his free time, Ken co-organizes BSides Roanoke, co-leads the Roanoke Information Security Exchange, is a member of the Roanoke Linux Users Group, and volunteered on the security teams for HackRedCon and DerbyCon, plays guitar and tells dad jokes.

Hall Of Fames (security acknowledgements):

Oracle, Rackspace, Dell, TripAdvisor

Location

ECPI Roanoke
5234 Airport Rd NW #200
Roanoke, VA 24012

Date and Time

November 10th
5:30pm

Sept 2022- RISE/RBTC Capture the Flag

The RBTC Capture the Flag is here, and we are ready.   For those that aren’t aware we are doing something a little different for the month of September.  Instead of meeting on the second Thursday of the month we are meeting on the second Wednesday of the month (Sept. 14th) in Blacksburg, VA at the VTCRC Training & Event Center at 1691 Innovation Drive, #1025, Blacksburg, VA for a Capture the Flag (CTF) event.  This will be a great opportunity for both new and veteran IT Security focused individuals.  I encourage everyone that can make it to attend.  This is an open event and those that are not familiar with a CTF should not feel intimidated.  There will be several folks available for consultation and assistance.  For those that are familiar with CTF’s we have you covered as well.  We have a great selection of prizes such as Bash Bunnies, Flipper Zeros and Raspberry Pi’s. 

Lastly, there will be pizza and beverages provided so come hungry and learn some new skills.

The Deets:

  • This is a bring your own laptop and power supply event. You must bring a laptop to participate.
  • The Virginia Cyber Range has challenge ready VM’s available for use but you need a laptop to access them.
  • If you choose to use your own laptop for the challenges know that a KALI like image works best.

CTF registration details will be sent in a email to the RISE email distribution list. Please subscribe to the distribution list if you are already a member.

Time and Location Information:

Sept 14th @ 5:30pm

VTCRC Training & Event Center

1691 Innovation Drive, #1025,

Blacksburg, VA.

Aug 2022 – Capture The Flag

Its here!  The August CTF is finally here.  What is a CTF?  Well, I’m so glad you asked.  A CTF or Capture the Flag is kind of a computer security competition where you challenge yourself to get past hacking exercises to “capture a flag”.  This will be an interactive opportunity open to ANYONE!  Whether you’re new to IT Security and wanna learn more or a seasoned Pentester who wants to win it all, this event is for you.  If you’re new to IT Security and are concerned about what lies ahead don’t fret, we will have several veteran IT Security professionals available for consultation if you need assistance.  So come on out and let’s have some fun and learn a little while we’re at it. 

We understand that sometimes things don’t work out and you can’t make it in person so we are offering this as a virtual event as well.  The CTF will be publicly available via the web, however you must be at the event location to win prizes. 

  • CTF provided by our friends at The Virginia Cyber Range
  • Food, beverages, and prizes provided by our friends at GuidePoint Security

The Deets:

  1. This is a bring your own laptop and power supply event. You must bring a laptop to participate.
  2. The Virginia Cyber Range has challenge ready VM’s available for use.
  3. If you choose to use your own laptop for the challenges know that a KALI like image works best.
  4. Please register for the CTF before Aug 11th.
    1. Registration opens at 4pm Friday Aug 5th, 2022
    2. Registration requires a Microsoft or Google ID
    3. Link to registration will be sent in an email
      • Please send a message to info@roanokeinfosec.com if you would like to be added to the distribution list and get the link to the CTF

Date / Time / Location

Aug 11th at 5:30pm at the Roanoke Co-Lab

1327 Grandin Rd SW, Roanoke, VA 24015

(Turn onto Westover Ave SW for parking)

July 2022 – OSINT Side Channels

I know July has likely been a busy month for many of you, but you might want to carve out some time for our next meeting.  This will be an interesting topic that intrigues of most all of us.   On July 14th Ben Eldritch will be giving us his talk on OSINT Side Channels.  We will be meeting at Twisted Track in downtown Roanoke at 5:30pm.  See below for more information.  Also, if you missed the last book exchange feel free to bring some books that you want to trade or donate.   

Of course, we understand that not everyone can make it in person, we will attempt to provide a zoom link in a follow up email closer to the meeting date.

Hope to see ya there in person or virtually.

Discussion Topic:

OSINT Side Channels

  • Basic overview of OSINT and how it can be used for both good and bad
  • How posts on social media provide more information about you than you think
  • What your “Foodstagrams” tell me about you
  • The power of license plates
  • Why everyone knows where you live
  • Safeguards to being owned by anyone

Speaker:

Ben Eldritch

A security researcher who likes to break things and program others. Always learning and adapting, I love to delve deep into applications to see what makes them tick. Experience with red and blue teaming has helped me learn effective offense and essential defense.

Date and Time:

July 14th @ 5:30pm

Location:

Twisted Track BrewPub

523 Shenandoah Ave NW

Roanoke, VA 24016

June 2022 – Using Zeek Without Scripting

Welcome to June.  Things are heating up both with the weather and RISE.  Our next meeting is June 9th at Roanoke College in the Pickle Lounge in the Colket Building with Andrew Beard.  Andrew’s topic is “Using Zeek Without Scripting”.  We are fortunate that our friends at Varonis are sponsoring this month so this will be a catered event with beverages and heavy hors d’oeuvres.  So, bring your curiosity and hunger to the next RISE meeting, both will be satisfied.  See below for more details about the location and parking.

Also we will be offering a book exchange at this meeting

Are you looking to downsize your current library, or perhaps you are looking to diversify your current library.  Well RISE wants to help.  At our next meeting (6/9/22) we will be offering a book exchange.  Bring all those books that you want to get rid off and while you are there perhaps you can find a new book that might interest you.  This is a great chance to explore new areas and find a new book that might change your whole career or at least find something for summer reading.  Just remember to bring those books.

Discussion Topic:

Zeek (formerly Bro) is a great tool for network visibility, but many first timers are turned off by the complexity of Zeek scripting.  Good news!  Zeek is a totally functional stand-alone tool for network traffic analysis, no scripting required.  We’ll go through some hands-on examples of how to use Zeek to inspect PCAP files and some of the tool’s out of the box capabilities without writing a line of Zeek code.

Bringing a laptop with Docker installed is highly recommended if you want to follow along and experiment.

Location / Date / Time

Pickle Lounge, Colket Center, Roanoke College, June 9th @ 5:30 pm

https://www.google.com/maps/place/Colket+Center/@37.296069,-80.0561825,374m/data=!3m1!1e3!4m5!3m4!1s0x0:0xdbe44d3491ec6479!8m2!3d37.297078!4d-80.0556333

-Parking is adjacent to the venue. Park in designated spots and walk to the Colket Center building.

May 2022 – RF: It’s Everywhere.  An introduction to SDR – UPDATE!

Now Includes Hands-On Workshop – BYOD!

For the month of May RISE is going on the air!  Well not really, but we are gonna talk about it.  Darrell Little a member of the local amateur radio club is going to talk to us about radio frequencies and software defined radios.  SDR (for those that might not know) is taking a traditional hardware-based radio system and translating that into software whereby it can be leveraged by a PC or Laptop.  In this talk Darrell is going to take us through the basics and then discuss how these systems are used.  This will be an important talk to those that need to be prepared for DR situations or natural disasters.  As always, the talk and beverages are free so come on out and catch some waves… Radio Waves! 

Just added this week – Tom Weeks (aka TWeeks) will be bringing GQRX software and RTL-SDR devices for us to play with in real time. Make sure to bring your laptop, or mobile device to participate.

See below for location info

 Special thanks to the Roanoke Co-Lab for hosting this month’s event.

Topic:

RF: It’s Everywhere.  An introduction to SDR
A brief review of radio frequencies – part of the electromagnetic spectrum. What are traditional radio receivers and transmitters and what is SDR (software-defined radio). Beyond basic communications, take a look at how RF is used in business, industrial and medical applications. Then comparing some of the reasonably priced SDR devices available for research and testing use, along with the software tools to implement these devices.

Speaker:

Darrell Little

Founder of the Roanoke Linux Users Group and the Python Users Group Roanoke, Darrell Little has been in HealthCare IT for 20+ years, in a variety of roles. With an interest in keeping data security in the forefront to protect sensitive PHI, being involved in InfoSec has been an important part of my IT career.

Location

Roanoke Co-Lab , May 12th 5:30pm

1327 Grandin Rd SW, Roanoke, VA 24015

(Turn onto Westover Ave SW for parking)

April 2022 – Exploring Data Outside the SIEM

Spring is here and so are the taxes.   If you’re looking for a break from taxes and want to gather with some likeminded IT Security professionals join us for our next RISE meeting.   Our next meeting will be with our own Aaron McPhall at R&K Solutions. This month Aaron is asking: 

Have you ever found a new data source on your network, and ever wonder? 

·  What is this data and how could it help me?

·  How would I load this data into my SIEM?

·  Is this worth the time and effort for it to go into my SIEM?

·  How could I compare this data to what is already in my SIEM?

As network defenders, we rely on data from devices to tell a story of what is happening in our network.  We often have important datasets loaded at our fingertips, but there is always more out there.  Perhaps we even have a different story to tell, one that involves a complex story where we need to bring in data from esoteric sources. 

In our next talk, Aaron McPhall will walk through how he processes data outside any SIEM.  He will first introduce the concept of hunting, using resources from Sqrrl, to help formalize the process. Building on this, he will describe common data frameworks and methodologies to process data.  He will hopefully be able to demonstrate concepts that focus around open source tools (not a spreadsheet!) that you can easily install and use. 

Also we need a slightly experienced person to manage our social media and web presence. If you are interested let us know at info@roanokeinfosec.com. This is not a paid position, but you will be recognized as a major contributor to the RISE team and really isn’t that incentive enough?

Hope to see you all Thursday the 14th!   

Speaker Bio: 

Aaron McPhall is cybersecurity professional working in the Roanoke area.  Aaron started off as a Network/System Admin back in 2006 and has worked various IT and Security related roles, including Security {Engineering, Architecture, Research, Incident Response}.  Aaron has been a RISE member for 4 years and recently joined as a member of the RISE advisory board in 2022.     

R&K Solutions in Roanoke VA. 

April 14th, 2022 @ 5:30 PM 

R&K Solutions 
2797 Frontage Rd NW Ste 1000 
Roanoke, VA 24017 

Enter on the right side of the building