We have something special planned for the month of March.  RISE is going out on the town!  This month we will are going to meetup at Twisted Track to hang out.  I am attempting to get us a conference room with the hope of bringing up ChatGPT and seeing what insightful thoughts this new AI has on IT Security, cyber risk and other areas of interest.  Perhaps we may even play stump the chump or in this case stump the AI. 

Looking forward to seeing you all there.

March 9^th, 2023 @5:30pm

Ever wonder how computers can interpret programs? Are you interested in looking at random bytes on a screen and reading them like the Matrix? Do you always get stumped on “easy” reverse engineering CTF challenges? Then join us for a night of learning binary analysis! 

This talk will focus on looking at binaries/executables for interesting strings, compiler information, linked DLLs with dependencies, and even a basic overview of Assembly – the lowest level language we can program in! This discussion will also include commonly used tools, methods, and even utilizing AI to interpret a binary! Following the talk, we will statically analyze a simple piece of custom malware and be able to decipher just what devious tasks it may be doing! Laptops/personal machines recommended but not required (use whatever OS you want!)

BIO:

Ben Eldritch, Vulnerability Assessment Analyst for Raytheon Technologies

Current Certs: GICSP, OSCP, Pentest+, CySA+

Ben holds a Bachelor’s degree in Cybersecurity and Information Assurance from WGU and an associates in Engineering from DMACC. His interest in security started when he began tinkering with his GameBoy and messing with in-memory data via a GameShark. From there, he started writing prankware for his friends and eventually learned the ins and outs of penetration testing. When not breaking into things (with permission of course!), Ben enjoys taking long mountain hikes and observing all the different kinds of creatures of the world. 

Date & Time:

February 9th @ 5:30pm

Location

The RAMP Building
709 S. Jefferson Street Roanoke,
VA 24016

Parking and entrance are in the rear of the building

Our December RISE meeting will be a social event December 8^th at Big Lick Brewery in downtown Roanoke starting at 5:30pm.   We want to take this opportunity to kick back, talk and share ideas about upcoming events and provide feedback on past events.  RISE can’t happen without you, so we look forward to hearing your thoughts and ideas as we get ready for 2023.   We have a table reserved at Big Lick starting at 5:15pm with a seat ready for you so don’t miss out. 

Note: RISE will not be providing beverages or food for this event (I mean common man, I can’t pay for everyone), but I am currently searching for a sponsor that might be able to assist so stay tuned. 

We look forward to seeing you all in person on Dec. 8^th at Big Lick Brewery

The Roanoke Information Security Exchange and Noke Codes in partnership with Virginia Western Community College are happy to announce the second annual Security BSides event in the Roanoke region! So what is BSides? BSides is a community-driven event for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations about the next-big-thing are happening. Thousands of people have attended and written about their experience at BSides events.

Get your BSides Roanoke 2023 tickets now!

Click Here For Tickets

Want to learn more about BSides Roanoke go to BSidesRoa.org

Call for Papers
Here’s your chance to be a part of BSides Roanoke – Call for Papers (CFP links to a Google Form).
We encourage all interested InfoSec professionals to submit their proposals for a talk. The conference aims to include a mix of intermediate-to-advanced technical and concept/research based discussions.

Penetration Testing Certifications: The Good, the Bad and the Ugly
aka: Acronym Acrobatics

Wanting a career pivot or to level up your skill set can be intimating. The seemingly endless offensive security certifications out there today can be overwhelming.  How do you know which to choose?  Join RISE Thursday, Nov 10th with Ken Nevers at ECPI as this self proclaimed cert junky will share his honest opinions on which certs to go for and which to avoid along your journey.”

Bio:

Ken Nevers, Principle Security Consultant

Current Certifications: OSEP, OSCP, CRTO, CRTE, CRTP, PAWASP

Ken holds an Associate degree in Computer and Information Science with a major in Cyber and Network Security from ECPI University in addition to several red teaming and penetration testing certifications. In his free time, Ken co-organizes BSides Roanoke, co-leads the Roanoke Information Security Exchange, is a member of the Roanoke Linux Users Group, and volunteered on the security teams for HackRedCon and DerbyCon, plays guitar and tells dad jokes.

Hall Of Fames (security acknowledgements):

Oracle, Rackspace, Dell, TripAdvisor

Location

ECPI Roanoke
5234 Airport Rd NW #200
Roanoke, VA 24012

Date and Time

November 10th
5:30pm

The RBTC Capture the Flag is here, and we are ready.   For those that aren’t aware we are doing something a little different for the month of September.  Instead of meeting on the second Thursday of the month we are meeting on the second Wednesday of the month (Sept. 14^th) in Blacksburg, VA at the VTCRC Training & Event Center at 1691 Innovation Drive, #1025, Blacksburg, VA for a Capture the Flag (CTF) event.  This will be a great opportunity for both new and veteran IT Security focused individuals.  I encourage everyone that can make it to attend.  This is an open event and those that are not familiar with a CTF should not feel intimidated.  There will be several folks available for consultation and assistance.  For those that are familiar with CTF’s we have you covered as well.  We have a great selection of prizes such as Bash Bunnies, Flipper Zeros and Raspberry Pi’s. 

Lastly, there will be pizza and beverages provided so come hungry and learn some new skills.

The Deets:

• This is a bring your own laptop and power supply event. You must bring a laptop to participate.
• The Virginia Cyber Range has challenge ready VM’s available for use but you need a laptop to access them.
• If you choose to use your own laptop for the challenges know that a KALI like image works best.

CTF registration details will be sent in a email to the RISE email distribution list. Please subscribe to the distribution list if you are already a member.

Time and Location Information:

Sept 14^th @ 5:30pm

VTCRC Training & Event Center

1691 Innovation Drive, #1025,

Blacksburg, VA.

Its here!  The August CTF is finally here.  What is a CTF?  Well, I’m so glad you asked.  A CTF or Capture the Flag is kind of a computer security competition where you challenge yourself to get past hacking exercises to “capture a flag”.  This will be an interactive opportunity open to ANYONE!  Whether you’re new to IT Security and wanna learn more or a seasoned Pentester who wants to win it all, this event is for you.  If you’re new to IT Security and are concerned about what lies ahead don’t fret, we will have several veteran IT Security professionals available for consultation if you need assistance.  So come on out and let’s have some fun and learn a little while we’re at it. 

We understand that sometimes things don’t work out and you can’t make it in person so we are offering this as a virtual event as well.  The CTF will be publicly available via the web, however you must be at the event location to win prizes. 

• CTF provided by our friends at The Virginia Cyber Range
• Food, beverages, and prizes provided by our friends at GuidePoint Security

The Deets:

1. This is a bring your own laptop and power supply event. You must bring a laptop to participate.
2. The Virginia Cyber Range has challenge ready VM’s available for use.
3. If you choose to use your own laptop for the challenges know that a KALI like image works best.
4. Please register for the CTF before Aug 11^th.
   1. Registration opens at 4pm Friday Aug 5^th, 2022
   2. Registration requires a Microsoft or Google ID
   3. Link to registration will be sent in an email
      • Please send a message to info@roanokeinfosec.com if you would like to be added to the distribution list and get the link to the CTF

Date / Time / Location

Aug 11^th at 5:30pm at the Roanoke Co-Lab

1327 Grandin Rd SW, Roanoke, VA 24015

(Turn onto Westover Ave SW for parking)

I know July has likely been a busy month for many of you, but you might want to carve out some time for our next meeting.  This will be an interesting topic that intrigues of most all of us.   On July 14^th Ben Eldritch will be giving us his talk on OSINT Side Channels.  We will be meeting at Twisted Track in downtown Roanoke at 5:30pm.  See below for more information.  Also, if you missed the last book exchange feel free to bring some books that you want to trade or donate.   

Of course, we understand that not everyone can make it in person, we will attempt to provide a zoom link in a follow up email closer to the meeting date.

Hope to see ya there in person or virtually.

Discussion Topic:

OSINT Side Channels

• Basic overview of OSINT and how it can be used for both good and bad
• How posts on social media provide more information about you than you think
• What your “Foodstagrams” tell me about you
• The power of license plates
• Why everyone knows where you live
• Safeguards to being owned by anyone

Speaker:

Ben Eldritch

A security researcher who likes to break things and program others. Always learning and adapting, I love to delve deep into applications to see what makes them tick. Experience with red and blue teaming has helped me learn effective offense and essential defense.

Date and Time:

July 14th @ 5:30pm

Location:

Twisted Track BrewPub

523 Shenandoah Ave NW

Roanoke, VA 24016

Home 1

Welcome to June.  Things are heating up both with the weather and RISE.  Our next meeting is June 9^th at Roanoke College in the Pickle Lounge in the Colket Building with Andrew Beard.  Andrew’s topic is “Using Zeek Without Scripting”.  We are fortunate that our friends at Varonis are sponsoring this month so this will be a catered event with beverages and heavy hors d’oeuvres.  So, bring your curiosity and hunger to the next RISE meeting, both will be satisfied.  See below for more details about the location and parking.

Also we will be offering a book exchange at this meeting

Are you looking to downsize your current library, or perhaps you are looking to diversify your current library.  Well RISE wants to help.  At our next meeting (6/9/22) we will be offering a book exchange.  Bring all those books that you want to get rid off and while you are there perhaps you can find a new book that might interest you.  This is a great chance to explore new areas and find a new book that might change your whole career or at least find something for summer reading.  Just remember to bring those books.

Discussion Topic:

Zeek (formerly Bro) is a great tool for network visibility, but many first timers are turned off by the complexity of Zeek scripting.  Good news!  Zeek is a totally functional stand-alone tool for network traffic analysis, no scripting required.  We’ll go through some hands-on examples of how to use Zeek to inspect PCAP files and some of the tool’s out of the box capabilities without writing a line of Zeek code.

Bringing a laptop with Docker installed is highly recommended if you want to follow along and experiment.

Location / Date / Time

Pickle Lounge, Colket Center, Roanoke College, June 9^th @ 5:30 pm

https://www.google.com/maps/place/Colket+Center/@37.296069,-80.0561825,374m/data=!3m1!1e3!4m5!3m4!1s0x0:0xdbe44d3491ec6479!8m2!3d37.297078!4d-80.0556333